From the course: Ethical Hacking: Session Hijacking
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Understanding TCP sequence numbers - Linux Tutorial
From the course: Ethical Hacking: Session Hijacking
Understanding TCP sequence numbers
- [Instructor] Session hijacking is often thought to be an arcane and highly technical attack on systems, and certainly does exploit the technical implementation of digital communications channels, but in reality, the tools available to the tester provide a straightforward means of looking for hijack vulnerabilities. Nevertheless, it's useful to understand what's happening under the hood. When we talk about session hijacking, we mean the ability of a tester or an attacker to take control of the communications between the user and a host service during their session. This allows the attacker to gain access to the service without having to authenticate, because the legitimate user has already authenticated their access. Session hijacking takes advantage of weaknesses in internet protocols, wireless LANs, and web services. Communicating across the internet requires the use of the internet protocol. This carries a number of sub-protocols, one of which is known as the transmission control…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.