HIJACKING

Session Hijacking is the process of taking over a existing active session. One of the main reason for Hijacking the session is to bypass the authentication process and gain the access to the machine. Since the session is already active so there is no need of re-authenticating and the hacker can easily access the resources and sensitive information like passwords, bank details and much more.

Different Types of Session Hijacking

There are two types of session hijacking depending on how they are done. If the attacker directly gets involved with the target, it is called active hijacking, and if an attacker just passively monitors the traffic, it is passive hijacking.

1. Active attack

2. Passive attack

In Passive attack, the hacker Hijacks a session, but just sits back and watches and records all the traffic that is being sent from the computer or received by the computer. This is useful for finding the sensitive information like username passwords of websites, windows and much more…

In Active attack, hacker finds the active session and takes over it. This is done by forcing one of the parties offline which is usually achieved by DDOS attack (Distributed Denial of service attack) . Now the hacker takes control over the active session and executes the commands on the system that either give him the sensitive information such as passwords or allow him to login at later time.

 There are also some hybrid attacks, where the attacker watches a session for while and then becomes active by taking it over. Another way is to watch the session and periodically inject data into the active session without actually taking it over.