Session Hijacking

SESSION HIJACKING
BY Vishal Punjabi

TOPICS
TCP Concepts-The 3 Way handshake
Session hijacking
Types
Method
Mitigations
Tools
Firesheep

The 3-way Handshake

What is Session Hijacking ?
Session hijacking is when an attacker gets access to the session state of a legitimate user.
The attacker steals a valid session ID which is used to get into the system and retrieve the data

3-Way Handshake

Session Hijacking

This is Spoofing not Hijacking

This is Hijacking

Types Of Session Hijacking
Predictable session token
Session sniffing
Client side attacks (XSS, malicious JS codes, trojans etc)
Blind Hijack
Man-in-the-middle (MITM)

Method (steps)
Place yourself between the victim and the target (you must be able to sniff the network)
Monitor the flow of packets
Predict the sequence number
Optionally kill the connection to the victim’s machine
Take over the session
Start injecting packets to the target server

Mitigations
Use a secure HTTPS protocol
Use a VPN when connecting remotely
Protect access to your own networks
Limit exposure to untrusted networks
Educate the employees

Tools
Juggernaut
Hunt
TTY Watcher
IP Watcher
T-Sight
Parros HTTP Hijacker
DroidSheep for Android
Firesheep (Firefox addon)

Firesheep
Firesheep is a free, open source, and is now available for Mac OS X and Windows.
Linux support is on the way.
Find it here-
https://github.com/codebutler/firesheep/downloads

Session Hijacking

by n|u - The Open Security Community on Oct 05, 2011

Accessibility

Categories

Tags

Upload Details

Usage Rights

1 Embed 378

Statistics

Session Hijacking — Presentation Transcript