(A vulnerability can be exploited to allow this attack and session hijacking to take place, this will be discussed later on within the post) Once again if authentication has occurred using the SSL / TLS protocol (HTTPS) these details are encrypted mitigating this attack. Due to these details being sent in plain text tools are available which allow the attacker to obtain the credentials, allowing access to the victim account whenever desired. When web sites provide authentication using the SSL / TLS protocol (HTTPS) session hijacking cannot occur due authentication details being encrypted, this protocol will be discussed later within this post.Ĭredential harvesting occurs through the same means as session hijacking, utilising the unencrypted communication of the session cookie. Yet this cookie creates ease of use for users, it creates the issue of enabling malicious actors to capture and replay the cookie granting them authentication to the session (Toussain, 2013). If the session cookie was not used the user would have to enter their authentication details each time they communicate with the desired website. The session cookie is used to hold the authentication details of the user and is sent within the HTTP header during each transmission re-authenticating the user each time. HTTP is a stateless protocol therefore the user is not constantly authenticated during a session. Session hijacking is most prominent when websites which have authentication mechanisms utilise HTTP rather than its secure counterpart HTTPS (Hypertext Transfer Protocol Secure).
As shown within the below Figure an attacker sniffs the session cookie which is transmitted by the victim over the wireless network and then retransmits the session cookie gaining authenticated access to the web server.
Lawson defines Session Hijacking aka Sidejacking as the act of monitoring network traffic in order to capture a users HTTP (Hypertext Transfer Protocol) session cookie allowing an attacker to inject the cookie into their browser permitting authenticated access to the users session (LAWSON, 2013). Within ‘The Lab’ section there is a tutorial available which will allow the reader to create their own sandboxed environment ensuring that laws are not broken during the process. References will also be detailed to enable the reader to verify the information provided as well as conduct further research. Technical details will be provided as well as a step by step tutorial enabling the reader to test these attacks within their own lab environment.
Within this post session hijacking & credential harvesting will be investigated, allowing the reader to understand what each of these attacks are as well as the vulnerability which allows them to occur.
0 kommentar(er)
