From the course: Ethical Hacking: Session Hijacking
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Intercepting sessions through man-in-the-middle - Linux Tutorial
From the course: Ethical Hacking: Session Hijacking
Intercepting sessions through man-in-the-middle
- [Instructor] Electronic commerce involves two people or organizations doing business through messages sent over an internet connection. The expectation is that nobody is listening to the traffic on that connection. And often cryptography will be used to make sure that anyone who does listen won't be able to understand the messages. A man in the middle attack, abbreviated to MITM, is a form of cyber-attack in which the attacker inserts himself or herself into the connection, routing traffic from each of the participants to the other and reading it as it passes through. The attacker can also remove, change, and insert data into the traffic. In the more sophisticated attacks, the attacker is able to defeat any encryption that might be used. Man in the middle, then, is an eavesdropping attack carried about by establishing a relay or proxy into a communications session. It may exploit in real time or after the fact the information obtained from the interception. Often, neither of the…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
Understanding web sessions4m 8s
-
Understanding WebSockets2m 41s
-
Banking on Zero1m 10s
-
Hijacking sessions using man-in-the-browser4m 32s
-
Intercepting sessions through man-in-the-middle4m 17s
-
Stripping SSL to downgrade the session1m 54s
-
Hijacking an HTTP session through cookies3m 20s
-
Using Subterfuge to hijack sessions through ARP poisoning7m 8s
-
Using Webscarab-NG as a web proxy3m 14s
-
Defeating the Hijack3m 6s
-
-
-
-
-