Time
1 hour 14 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:00
Everyone, welcome back to the course. So in the last video, we just talked about the introduction to the course itself. We talked about some of the prerequisites again. You just want to have a basic understanding of computers as well as a basic understanding of computer networking, specifically communication between the client and server. So, client and a Web server
00:16
in this video, we're just gonna take a brief introduction to session hijacking, and then we'll move right into our lab.
00:23
So what is session hijacking? So basically what the attacker is going to do is we're going to get the session key. So the session token, session key, might be called different things, but a lot of times they'll do that through sniffing. So, as you see in this example here, the attacker is sniffing the session ID.
00:39
They then take that over. They send that to the Web server, with the Web server thinking that, hey, this is a legitimate connection
00:45
and they start communicating with the attacker.
00:48
Other ways we can do that are things like client-side attacks, so cross-site scripting and JavaScript. So, for example, we could have malicious JavaScript as part of the cross-site scripting attack that can steal the cookies, as well as predicting: so if you've got easily predictable session keys, the attacker might be able to predict the next key in the sequence.
01:08
So some common exploits that are a little older but are probably well known to some extent: Firesheep was a browser extension for Firefox, so it allows you to steal from unencrypted,
01:23
ah, public WiFi. It allowed you to steal the information, private information, from people that were using, like, Facebook and other sites like that. Of course, now Facebook requires HTTPS, but back then, it came out like 2010, back then it allowed you to do so.
01:38
WhatsApp Sniffer, Cookie Cadger, DroidSheep. Those are both the types of side-channel attack tools; again, these were older ones, but ones that you've probably heard of in the media in the past.
01:51
So how can we prevent against, or protect against, session hijacking? Encryption is probably one of the most common things to do. That way nobody can steal the token, obviously, and there are ways around that. Randomizing the tokens, regenerating after each login, and in some cases regenerating after every single different request,
02:08
as well as extra checks, which can work if using static IPs or something like that.
02:14
So checking that, okay, this session token is with this IP address. So there are different things we can put in place there. Um, and whether or not this is an attack that a lot of people are going to be doing in your particular systems, you'll just have to determine that for yourselves.
02:29
So this really was just a brief introduction to session hijacking, and in the next video we're gonna go ahead and jump into our lab. So again, we're gonna be using a tool in the Cybrary labs. We're going to be using a tool called Ettercap inside of Kali Linux; we're gonna perform an ARP poisoning attack, do sniffing, and then potentially, hopefully, get the username and password as part of that sniffing that we do.
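As an added illustration of the defenses the transcript lists (this is not code from the course or its lab; all names are hypothetical), here is a minimal server-side session store in Python: tokens come from a CSPRNG so the next one cannot be predicted, the token is regenerated at login and optionally on every request, and each token is bound to the client IP as the "extra check", which suits clients with static addresses.

```python
import secrets


class SessionStore:
    """Hypothetical in-memory session store showing the mitigations in the transcript."""

    TOKEN_BYTES = 32  # 256 bits of CSPRNG output: no guessable sequence

    def __init__(self):
        self._sessions = {}  # token -> {"user": str | None, "ip": str}

    def _new_token(self):
        # secrets, not random: unpredictable tokens defeat "predict the next key"
        return secrets.token_urlsafe(self.TOKEN_BYTES)

    def anonymous(self, client_ip):
        """Pre-login session, e.g. for a shopping cart."""
        tok = self._new_token()
        self._sessions[tok] = {"user": None, "ip": client_ip}
        return tok

    def login(self, old_token, user, client_ip):
        """Regenerate at login: a token sniffed or fixated before auth stays unprivileged."""
        self._sessions.pop(old_token, None)
        tok = self._new_token()
        self._sessions[tok] = {"user": user, "ip": client_ip}
        return tok

    def lookup(self, token, client_ip):
        """Return the user for a token, enforcing the token-to-IP binding.

        Caveat: clients behind NAT or on mobile networks change addresses, so this
        check is only practical where client IPs are static, as the transcript notes.
        """
        sess = self._sessions.get(token)
        if sess is None:
            return None
        if sess["ip"] != client_ip:
            # Token replayed from another address: treat as a hijack and invalidate it
            del self._sessions[token]
            return None
        return sess["user"]

    def rotate(self, token, client_ip):
        """Per-request regeneration: a captured token is only usable until the next request."""
        user = self.lookup(token, client_ip)
        if user is None:
            return None
        del self._sessions[token]
        tok = self._new_token()
        self._sessions[tok] = {"user": user, "ip": client_ip}
        return tok
```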

Up Next

Session Hijacking

This course covers session hijacking, where an attacker takes over a legitimately established session between a user and host. This is normally seen between a user and a Web server, but can occur with a Telnet session or other TCP-based connection.

Instructed By

Ken Underhill
Master Instructor at Cybrary