Session Hijacking

By Shray Kapoor, published Feb 15, 2007

Published Content: 2 Total Views: 130 Favorited By: 0 CPs

Rating: 3.7 of 5

Preface

With the emerging fields in e-commerce, financial and identity information are at a higher risk of being stolen. The purpose of this paper is to illustrate a common cum valiant security threat to which most systems are prone to i.e. Session Hijacking. Sensitive user information are constantly transported between sessions after authentication and hackers are putting their best efforts to steal them .In this article I will discuss mechanics of the act of session hijacking in TCP and UDP sessions i.e. hijacking at the network level and at Application levels i.e. hijacking HTTP sessions.

Background

Session hijacking can be done at two levels: Network Level and Application Level. Network layer hijacking involves TCP and UDP sessions, whereas Application level session hijack occurs with HTTP sessions. Successful attack on network level sessions will provide the attacker some critical information which will than be used to attack application level sessions, so most of the time they occur together depending on the system that is attacked. Network level attacks are most attractive to an attacker because they do not have to be customized on web application basis; they simply attack the data flow of the protocol, which is common for all web applications.

Introduction to TCP

TCP an abbreviation for Transmission Control Protocol, one of the main connection oriented protocol in a TCP/IP network. TCP was formally defined in RFC 793 (while extensions are given in RFC 1323), as a protocol for providing a reliable end -to-end communication on a non-reliable network. To establish a session or a connection with a TCP server, a client must have to follow a structured system for session management; this system is known as "Three Way Handshake". For two machines to communicate via TCP they must have to synchronize their session through Synchronize and Acknowledgement Packets. Every single packet is given a sequence number which helps the receiving host to synchronize and reassemble the stream of packets back into their original and intended order.

Page: 1 2 3 4 5 Next »

More by Shray Kapoor

View all »

Promote this content by clicking on the bookmark icons below. Each will take you to a different third-party site where you can register and add this content to their database of bookmarks.
	Digg Facebook Myspace Yahoo My Web		Del.icio.us Technorati Netscape StumbleUpon		Slashdot Reddit More Bookmarks »

Send to: (separate e-mails with commas) Your name: Your e-mail address:		Notes: