Tuesday, April 12, 2011

Session hijacking attack

What is a session hijacking attack and how is it done?

In a session hijacking attack the attacker takes over the user's (victim's) session, which is normally done by exploiting the web application's session management.

Because HTTP communication uses many different TCP connections, a web server needs a specific method of recognizing each user's connections uniquely. For this the web server sends a token to the client's web browser after successful client authentication; this token is called a session token.

A session token is normally a string of variable width, and it can be carried in different ways: in the URL, in the header of the HTTP request as a cookie, in other parts of the header of the HTTP request, or in the body of the HTTP request.

A session hijacking attack compromises the session token by stealing or predicting a valid session token to gain unauthorized access to the web server.

Session hijacking attacks can be done in different ways, and they are:

1) Predictable session token
2) Session sniffing
3) Man-in-the-middle attack
4) Man-in-the-browser attack
5) XSS attack

1) Predictable session token :- 

Here the attacker tries to predict the user's session ID by trying different combinations, and it is not at all easy.
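The two paragraphs above describe what a session token is for and why predictability matters. The following is an added example, not code from the original post: a minimal server-side session store that issues tokens from the OS random source, keeps only a hash of each token, expires idle sessions, rotates the token on demand, and emits the cookie attributes that keep the token away from script and off plain HTTP. The cookie name `sid`, the 30-minute idle timeout and the in-memory dictionary are assumptions chosen for illustration; `predictable_token` is a constructed counter-based generator shown only as the pattern to avoid.

```python
"""Added example of server-side session token handling (not from the original post).

Assumptions: one in-memory store, a cookie named "sid", and a 30-minute idle
timeout. Nothing here is a real framework's API.
"""
import hashlib
import secrets
import time
from dataclasses import dataclass

IDLE_TIMEOUT = 30 * 60  # seconds a session may sit unused before it is discarded


@dataclass
class Session:
    user_id: str
    created: float
    last_seen: float


def predictable_token(counter: int) -> str:
    """Constructed anti-pattern: a counter rendered as hex.
    One observed value tells you every neighbouring value."""
    return f"{counter:016x}"


def random_token() -> str:
    """128 bits from the OS CSPRNG, URL-safe base64 (22 characters)."""
    return secrets.token_urlsafe(16)


def _fingerprint(token: str) -> str:
    """Only a hash of the token is stored, so a leaked store is not a list of
    live sessions. Hashing first also means the dictionary lookup below does
    not compare attacker-controlled bytes against secrets."""
    return hashlib.sha256(token.encode()).hexdigest()


class ManualClock:
    """Test clock so expiry can be exercised without sleeping."""

    def __init__(self, start: float = 1_000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now


class SessionStore:
    def __init__(self, clock=time.time):
        self._clock = clock
        self._sessions: dict[str, Session] = {}

    def create(self, user_id: str) -> str:
        """Issue a fresh token after the caller has authenticated the user."""
        token = random_token()
        now = self._clock()
        self._sessions[_fingerprint(token)] = Session(user_id, now, now)
        return token

    def lookup(self, token: str):
        """Return the user id for a live token, or None. Idle sessions are purged."""
        sess = self._sessions.get(_fingerprint(token))
        if sess is None:
            return None
        now = self._clock()
        if now - sess.last_seen > IDLE_TIMEOUT:
            del self._sessions[_fingerprint(token)]
            return None
        sess.last_seen = now
        return sess.user_id

    def rotate(self, token: str):
        """Replace the token (e.g. on login or privilege change) so a value an
        attacker captured or planted earlier stops working."""
        sess = self._sessions.pop(_fingerprint(token), None)
        if sess is None:
            return None
        new_token = random_token()
        self._sessions[_fingerprint(new_token)] = Session(sess.user_id, sess.created, self._clock())
        return new_token

    def destroy(self, token: str) -> None:
        self._sessions.pop(_fingerprint(token), None)


def cookie_header(token: str) -> str:
    """Set-Cookie value: HttpOnly keeps script from reading it (XSS theft),
    Secure keeps it off cleartext HTTP (sniffing), SameSite limits cross-site sends."""
    return f"sid={token}; Path=/; HttpOnly; Secure; SameSite=Lax"


if __name__ == "__main__":
    clock = ManualClock()
    store = SessionStore(clock=clock)
    tok = store.create("alice")
    print("lookup:", store.lookup(tok))
    print("header:", cookie_header(tok))
    clock.now += IDLE_TIMEOUT + 1
    print("after idle timeout:", store.lookup(tok))
```

Tokens in the URL end up in browser history, proxy logs and Referer headers, which is why this example puts the token only in a cookie; the rotation step is what makes a token the attacker already holds useless once the user's privilege level changes.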

2) Session sniffing attack

The man-in-the-middle attack and man-in-the-browser attack will be explained in the next post.

To be continued..


