Session Hijacking by Rahul Tyagi
TCIL-IT Certified Ethical Hacker
Module Session Hijacking
www.facebook.com/officialrahultyagi
Topics
• Session Hijacking
• Difference Between Spoofing & Hijacking
• Types of Session Hijacking
• Session Hijacking Tools
• Session Hijacking With Firesheep
• Preventions to Session Hijacking
• Conclusion
Session Hijacking
Session hijacking is when an attacker gains access to the session state of a particular user. The attacker steals a valid session ID, which is then used to get into the system and retrieve data.
Spoofing & Hijacking
In spoofing, an attacker does not actively take another user offline to perform the attack. He mainly pretends to be another user or machine to gain access.
This is done with Cain & Abel.
Hijacking is done only after the victim has connected to the server. With hijacking, an attacker takes over an existing session, which means he relies on the legitimate user to make a connection and authenticate. At last the attacker takes over the session.
Steps in Session Hijacking
1. First you should be able to sniff the network
2. Monitor the flow of packets
3. Predict the sequence number
4. Kill the connection to the victim's machine
5. Take over the session
6. Start injecting packets to the target server
Types of Hijacking
Active: In an active attack, the attacker finds an active session and takes it over.
Passive: In a passive attack, the attacker hijacks a session but sits back and watches, recording all the traffic that is sent back and forth.
Session Hijacking With Firesheep
Firesheep is free, open source, and is available now for Mac OS X and Windows. Linux support is on the way.
When logging into a website you usually start by submitting your username and password. The server then checks to see if an account matching this information exists and, if so, replies back to you with a "cookie" which is used by your browser for all subsequent requests.
It's extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable.
HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.
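The cookie-based login described above, and the missing-Secure-flag gap that sidejacking exploits, as an added example in Python (this is not code from the slides or from Firesheep): the server issues an unguessable session ID after login, resolves it on later requests, and an audit function flags Set-Cookie headers that omit the Secure, HttpOnly or SameSite attributes. The cookie name `sid`, the in-memory session store and the sample headers are constructed assumptions for the example.

```python
import secrets
from http.cookies import SimpleCookie

# Constructed in-memory session store: session ID -> session state.
# A real deployment would use a database or cache; the name is an assumption.
SESSIONS = {}

# Cookie name is an assumption for this example.
COOKIE_NAME = "sid"


def issue_session(username):
    """After a successful login, create a session and return the Set-Cookie header value.

    The ID comes from the OS CSPRNG (256 bits), so it cannot be predicted.
    Secure keeps the cookie off plaintext HTTP, which is what makes sidejacking
    on open wifi possible; HttpOnly keeps it away from page scripts; SameSite=Lax
    stops browsers attaching it to cross-site requests.
    """
    session_id = secrets.token_urlsafe(32)
    SESSIONS[session_id] = {"user": username}
    return f"{COOKIE_NAME}={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax"


def lookup_session(cookie_header):
    """Resolve the browser's Cookie request header to the logged-in user, or None."""
    cookie = SimpleCookie()
    cookie.load(cookie_header)
    morsel = cookie.get(COOKIE_NAME)
    if morsel is None:
        return None
    record = SESSIONS.get(morsel.value)
    return record["user"] if record else None


def audit_set_cookie(header_value):
    """List the attributes missing from a Set-Cookie header that leave it exposed.

    A cookie without Secure is sent in clear over HTTP and can be read by anyone
    sniffing the same open network, which is exactly the case Firesheep relied on.
    Unset flags come back from SimpleCookie as the empty string, set flags as True.
    """
    cookie = SimpleCookie()
    cookie.load(header_value)
    findings = []
    for name, morsel in cookie.items():
        if not morsel["secure"]:
            findings.append(f"{name}: missing Secure (sent in clear over HTTP)")
        if not morsel["httponly"]:
            findings.append(f"{name}: missing HttpOnly (readable by page scripts)")
        if not morsel["samesite"]:
            findings.append(f"{name}: missing SameSite (sent on cross-site requests)")
    return findings


if __name__ == "__main__":
    # Constructed sample: a weak header of the kind a sniffer on open wifi could
    # capture, next to the hardened header this server issues.
    weak_header = "sessionid=3c2f9a7e; Path=/"
    hardened_header = issue_session("alice")
    print("weak:", audit_set_cookie(weak_header))
    print("hardened:", audit_set_cookie(hardened_header))
```

Running the audit over the response headers of a login flow is a quick way to confirm a site is not in the state the slides describe (encrypted login, cleartext session cookie); Secure is the attribute that matters most for sidejacking, and it only helps if the site actually serves the rest of its pages over HTTPS.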
After installing the extension you'll see a new sidebar. Connect to any busy open wifi network and click the big "Start Capturing" button. Then wait.
As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed.
Double-click on someone, and you're instantly logged in as them.
Conclusion
Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web.