Session Hijacking

RCS2453B

Session Hijacking
AAINAA IZNI BINTI NOOR AZMAN (2017701117)
NUR NASRATUL HAKIMAH BINTI KAMAL MOHD KHIR (2017376891)
NUR ZALIFAH BINTI MAT ZUKRI (2017169217)

OUTLINE
• Session Hijacking
• Types of Session Hijacking
• Prevention of Session Hijacking

SESSION
BEST FOR You 2
HIJACKING
O R G A N I C S C O M P A N Y
What is Session Hijacking?

» Session hijacking is when an attacker gets access to the session state of a particular user.
» WhatsApp Sniffer is a popular session hijacking attack tool.
» The first session hijacking attack was carried out on Christmas Day 1994 by Kevin Mitnick, when HTTP 0.9 was released.

Example of Session Hijacking

In the example, the attacker first uses a sniffer to capture a valid
session token called the “Session ID”, then uses that valid session
token to gain unauthorized access to the web server.
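
The replay described above leaves a trace on the server: the same Session ID arrives from a second client. As an added example (not part of the original slides), the Python below scans a constructed access log, whose line format and `sid=` field are assumptions, and reports session IDs used by more than one IP address and User-Agent pair.

```python
# Added example: flag a session ID that shows up from more than one client.
from collections import defaultdict

# Constructed sample log (assumed format): timestamp, client IP, User-Agent, session ID.
SAMPLE_LOG = """\
2024-01-10T09:00:01 198.51.100.7 Firefox/121 sid=a1b2c3
2024-01-10T09:00:05 198.51.100.7 Firefox/121 sid=a1b2c3
2024-01-10T09:00:09 203.0.113.50 Chrome/120 sid=ffee99
2024-01-10T09:01:30 192.0.2.44 curl/8.4 sid=a1b2c3
2024-01-10T09:01:31 192.0.2.44 curl/8.4 sid=a1b2c3
not a log line
"""


def parse(line):
    """Split one log line into (timestamp, ip, agent, session_id), or None if malformed."""
    parts = line.split()
    if len(parts) != 4 or not parts[3].startswith("sid="):
        return None
    ts, ip, agent, sid = parts
    return ts, ip, agent, sid[4:]


def find_shared_sessions(log_text):
    """Return {session_id: [(first_seen, ip, agent), ...]} for IDs used by more than one client."""
    first_seen = defaultdict(dict)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue  # skip lines that do not match the assumed format
        ts, ip, agent, sid = rec
        # Remember only the first time each (ip, agent) pair presented this ID.
        first_seen[sid].setdefault((ip, agent), ts)
    return {
        sid: sorted((ts, ip, agent) for (ip, agent), ts in clients.items())
        for sid, clients in first_seen.items()
        if len(clients) > 1
    }


if __name__ == "__main__":
    for sid, clients in find_shared_sessions(SAMPLE_LOG).items():
        print(f"session {sid} used by {len(clients)} clients:")
        for ts, ip, agent in clients:
            print(f"  first seen {ts} from {ip} ({agent})")
```

A legitimate user can change address mid-session (for example on a mobile network), so a hit is a reason to require re-authentication or investigate, not proof of hijacking.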

Types of Session Hijacking

There are 2 types of session hijacking:

» Active
• In an active attack, an attacker finds an active session and takes over.
» Passive
• In a passive attack, an attacker hijacks a session, but sits back and watches and records all the traffic that is being sent.

Prevention of Session Hijacking
There are a few methods to prevent session hijacking:

» Encryption
» Anti-virus Software


Thank You
