Session hijacking refers to the exploitation of a valid computer session in which an
attacker takes over a session between two computers. The attacker steals a valid session ID,
which is used to get into the system and extract data. TCP session hijacking means taking
control of a TCP session exchanged between two computers. It is carried out through
source-routed IP packets. An attacker who is logged on to a system can participate in the
conversations of other users on other systems by diverting packets to his or her system.
Blind hijacking is another method, through which the responses on a system can be assumed.
The man-in-the-middle (MITM) attack is another method, in which a sniffer is used to track
down a conversation between two users. Denial-of-service (DoS) is executed so that a system
crashes, which leads to a greater loss of packets.
Steps in session hijacking:

  • Tracking the connection
  • Desynchronizing the connection
  • Injecting the attacker's packet
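
A defender's view of the three steps above, as an added example that is not part of the original page: a passive monitor that flags two side effects a desynchronized TCP session typically leaves on the wire, a run of empty ACKs bouncing between the endpoints with no data in between, and two different payloads at the same sequence number. The packet tuples, addresses, threshold and function name are constructed assumptions; sequence wraparound and partially overlapping segments are not handled.

```python
from collections import defaultdict

CLIENT, SERVER = "10.0.0.5:40000", "10.0.0.9:23"
# Constructed capture, not real traffic: (src, dst, seq, ack, payload).
SAMPLE = [
    (CLIENT, SERVER, 1000, 5000, b"dir"),
    (SERVER, CLIENT, 5000, 1003, b"notes.txt"),
    (CLIENT, SERVER, 1003, 5009, b""),
    (CLIENT, SERVER, 1003, 5009, b"XXXXXX"),  # bytes the real client never sent
    (SERVER, CLIENT, 5009, 1009, b""),        # server acknowledges them
    (CLIENT, SERVER, 1003, 5009, b""),        # real client is still at seq 1003
    (SERVER, CLIENT, 5009, 1009, b""),        # server insists on 1009
    (CLIENT, SERVER, 1003, 5009, b""),
    (SERVER, CLIENT, 5009, 1009, b""),
    (CLIENT, SERVER, 1003, 5009, b"date"),    # real client reuses seq 1003
]

def analyze(packets, storm_threshold=4):
    """Return [(packet_index, alert_name)] for one passively observed capture."""
    seen = defaultdict(dict)  # (src, dst) -> {seq: payload seen at that seq}
    run = defaultdict(int)    # flow -> alternating empty segments, no data between
    last_dir = {}             # flow -> direction of the previous empty segment
    alerts = []
    for i, (src, dst, seq, _ack, payload) in enumerate(packets):
        flow, direction = frozenset((src, dst)), (src, dst)
        if payload:
            prior = seen[direction].get(seq)
            n = min(len(prior), len(payload)) if prior is not None else 0
            if prior is not None and prior[:n] != payload[:n]:
                # A genuine retransmission repeats the same bytes.
                alerts.append((i, "conflicting-data"))
            elif prior is None or len(payload) > len(prior):
                seen[direction][seq] = payload
            run[flow], last_dir[flow] = 0, None  # new data ends any ACK run
        else:
            # Count empty segments only while they alternate direction.
            run[flow] = run[flow] + 1 if last_dir.get(flow) != direction else 1
            last_dir[flow] = direction
            if run[flow] == storm_threshold:
                alerts.append((i, "ack-storm"))
    return alerts

if __name__ == "__main__":
    for index, name in analyze(SAMPLE):
        print(index, name)
```

Both signals are heuristics: packet loss and keepalives can produce isolated empty ACKs, so the threshold should be tuned against normal traffic on the monitored link.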
