Showing content from https://developer.mozilla.org/en-US/docs/Glossary/Session_Hijacking below:
Session Hijacking - Glossary | MDN
Session Hijacking
Session hijacking occurs when an attacker takes over a valid session between two computers. The attacker steals a valid session ID in order to break into the system and snoop data.
Most authentication occurs only at the start of a TCP session. In TCP session hijacking, an attacker gains access by taking over a TCP session between two machines in mid session.
Session hijacking occurs because
- no account lockout for invalid session IDs
- weak session-ID generation algorithm
- insecure handling
- indefinite session expiration time
- short session IDs
- transmission in plain text
Session hijacking process
- Sniff, that is perform a man-in-the-middle (MITM) attack, place yourself between victim and server.
- Monitor packets flowing between server and user.
- Break the victim machine's connection.
- Take control of the session.
- Inject new packets to the server using the Victim's Session ID.
Protection against session hijacking
- create a secure communication channel with SSH (secure shell)
- pass authentication cookies over HTTPS connection
- implement logout functionality so the user can end the session
- generate the session ID after successful login
- pass encrypted data between the users and the web server
- use a string or long random number as a session key
See also
RetroSearch is an open source project built by @garambo
| Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4