Chapter 10 cont’d: Session Hijacking
First, read this Infosec Institute Session Hijacking Cheat Sheet:
https://resources.infosecinstitute.com/session-hijacking-cheat-sheet/
Note the terms session hijacking, session sidejacking and session fixation.
Spoofing vs. Hijacking
Be sure to recognize the difference between just lying about your IP address (spoofing) and actually taking over a running user session (hijacking).
How do you get a session ID?
Brute-forcing a Session ID
Stealing a Session ID
Calculating/Cracking an ID
Cracking a Session ID
OWASP’s Discussion of Session Hijacking:
https://owasp.org/www-community/attacks/Session_hijacking_attack
See my page [ Auditing With OWASP ] :: [ Vulnerability A7: Cross-Site Scripting XSS ]:
https://schoolforhackers.com/auditing-with-owasp-vulnerability-a7-cross-site-scripting-xss/
Windows sessions are subject to an SMB Relay attack:
https://pen-testing.sans.org/blog/2013/04/25/smb-relay-demystified-and-ntlmv2-pwnage-with-python
Tools
Ettercap
Cain & Abel