Session Hijacking Simply Explained

August 04, 2014 ,
session hijacking simply explained

Let's start "Session Hijacking" :
  • Session hijacking attack exploits session control mechanisms.
  • In session hijacking hacker usually aims at the session token,which is used to handle a single user's session.
  • Session hijacking compromises the session token by stealing or predicting a valid session token to gain unauthorized access to a web server.
Session token can be gained by many ways, some of them are given below :
  • Session token prediction
  • Session Sniffing
  • Client side attacks
  • Man in the middle attack

How The Session Token Prediction Works ?

The session token prediction works by predicting valid session values. That session ID values permit an attacker to gain a user session of application without any authentications.

How The Attacker Can Predict Session ID Values ?

First the attacker should collect valid session IDs, that are used to identify authenticated users. Then the attacker should identify the structure of session ID and should find out, how to create the valid session ID of the application. The attacker should identify the encryption mechanism used  to protect the session IDs.

Also the attacker can use brute force technique to generate and test different session IDs until he successfully gain access to the application.


How The Session Sniffing Works ?

In session sniffing technique attacker uses a sniffer and captures the session ID of a valid user. Then he uses that session ID to gain  unauthorized access to web server.

What Are The Best Free Packet Sniffers  ?

  • WireShark Packet Sniffer
  • Capsa Packet Sniffer Free
  • Microsoft Network Monitor
  • tcpdump

How The Client Side Attack Works ?

In client side attack the attacker gains valid session ID by tricking the valid user to click a maliciously crafted link, that transfers all the information of user's session token to the attacker. Using this information, an attacker can gain access to the web-server easily. Client side attacks are  usually XSS attacks(cross site scripting attacks) or using a trojan to gain valid session token.

How The Man In The Middle Attack Works ?

To know how the man in the middle attack works, Goto  Man-In-The-Middle-Attack .

Post a Comment

No comments

Subscribe to: Post Comments ( Atom )
Powered by Blogger.