wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

SESSION HIJACKING

profile
42_Ramesh Yadav
Sep 14, 2023
0 Likes
0 Discussions
81 Reads

What is a Session?

A session is a series of interactions that take place within a single connection between two communication endpoints. A web application does not require authentication for every click since, HTTP is stateless, which means designers need to automate tracking the state of multiple connections from the same user. When a user logs into an application, a session is created on the server to ensure subsequent requests are synchronized.

The application uses sessions to keep track of parameters that are unique to the user. As long as the logged-in user remains, the session is kept “alive” on the server. After a certain period of inactivity, a session is destroyed immediately upon the user logging out of the system. Data belonging to the user should be deleted from the allocated memory space whenever a session terminates.

What is Session Hijacking?

An attacker hijacks a user session to gain control over it. A session starts when you log in and out of a service, like your bank’s application. A cookie hijack or cookie side-jacking is an attack that relies on an attacker knowing your session cookie. Session hijacking is commonly associated with web browsers and web applications, yet it can happen with any application.

Difference Between Session Hijacking And Spoofing

Session hijacking and spoofing are closely related, but the timing of their attacks differs. Session hijacking occurs when an attacker hijacks a user’s login and authentication credentials. And from the victim’s point of view, it often results in unpredictability or crashes of the targeted application.

When spoofing occurs, attackers use stolen or counterfeit tokens to initiate a new session that appears to be set by the original user.

Session Hijacking Techniques

To hijack a user’s session, an attacker can use several techniques, depending on the attacker’s position. Examples of session hijack attacks include:

Cross-site scripting session hijacking (XSS):-

When an attacker exploits vulnerabilities within a server or application, he injects Java scripts into a user’s web page, causing the browser to run arbitrary code. Moreover, injected scripts will be able to access your session key if the server does not set HTTP. Only in session cookies, thus, giving attackers the information required for session hijacking.

Session Side Jacking:-

An attacker can intercept the session cookies of a user after he or she authenticates them by using packet sniffing. By using SSL/TLS only for its login pages, the website takes the easy route and the attacker can steal the session key and impersonate the user to operate the web application.

Generally, this happens with an unsecured WiFi Hotspot, as the attacker can access the network, monitor the traffic, and then set up their access points to conduct the attack.

Session Fixing:-

Using a session key, attackers gain access to the server by spoofing the user’s credentials. Due to stateless protocols, there is a threat of session hijacking. It is these limitations that make the protocols vulnerable to attacks.

An SSL connection uses Secure Sockets Layers, which protect any personal information required to pass between the two systems. Thus, it reduces the risk of criminals reading and modifying the messages sent over the internet. Transport Layer Security (TLS) is simply an updated, more secure version of SSL.

How can an Attacker take Advantage of a Successful Session Hijack?

After the attacker has gained access, they can perform any actions authorized by the original user while the session is active. If the targeted application involves financial theft, the attacker may demand ransom to release data from the encrypted form, steal the users’ sensitive personal information from company systems, or steal money directly from their bank account.

In large organizations, cookies may be used to identify authenticated users within SingleSign-on (SSO) Systems. An attacker who successfully hijacks a session can gain access to various web applications, from financial databases and customer records to line-of-business applications containing valuable intellectual property.

When you log in using your Facebook account, or Google account, there are more safeguards in place, meaning that hijacking a session cookie won’t be enough to hijack your session.

Session Hijacking Example

Sessions are attacks that exploit data leaks in TLS request compression ratios. The attackers could then use the login cookies to hijack the user’s session. An organization known as CRIME used session hijackers to breach an organization’s website in September 2012.

After hijacking the website’s session by decrypting HTTPS cookies and logging in as users with brute force, CRIME was able to siphon off an enormous amount of data.


Comments ()


Sign in

Read Next

Social media

Blog banner

Virus

Blog banner

MEMORY MANAGEMENT FILE

Blog banner

First-Order Logic (FOL): The Foundation of Modern Logic

Blog banner

Data Security and Data Privacy in Data Science

Blog banner

A-B-C of Networking: Part-2 (Components)

Blog banner

What if COVID does not exist!

Blog banner

Importance of Morning Routines for Students During the Festive Season

Blog banner

Operating system

Blog banner

Service Operations Principles

Blog banner

Importance Of Blockchain

Blog banner

memory cache

Blog banner

Cyber Attacks -- Trends Patterns and Security Countermeasures

Blog banner

What is the point of living if we can die at any moment of our lives ?

Blog banner

Pipedrive

Blog banner

File Systems in OS.

Blog banner

Os(Computer security threats)

Blog banner

objectives and function of operating system

Blog banner

I/O Buffering

Blog banner

Principles of Service Operation

Blog banner

The Golden Temple , Amritsar

Blog banner

Cache memory

Blog banner

Data Science in Everyday Life (like a phone, shopping cart, or social media icons)

Blog banner

Types of Malware in Cyber Security

Blog banner

1 Dentist in Maroubra, Sydney and her 10 obsessions

Blog banner

Uniprocessor scheduling

Blog banner

LINUX

Blog banner

Constrained Management in IT

Blog banner

Mumbai local ......

Blog banner

Linux Threads:

Blog banner

I/O Buffering

Blog banner

Technological Advancement

Blog banner

File sharing

Blog banner

ONLINE NEWSROOMS

Blog banner

MY FIRST BLOG?

Blog banner

Personalized Movie Recommendations with Data Science

Blog banner

Atlantis - The Lost Island.........

Blog banner

Data Mining

Blog banner

Modern Operating System - Khush Bagaria

Blog banner

OPERATING SYSTEM

Blog banner

Why Are So Many Adults Getting Diagnosed with ADHD?

Blog banner

Child labour

Blog banner