Session Hijacking
Web Hacking

How to do Session Hijacking??

Hello Readers, I already said on my previous article where I mentioned the attacks that are used to bring down a website and in case if you missed it , please check here. Session Hijacking is also one of the attack that is commonly done on websites.For a brief overview on it, Go on with my article.

Session

A session is an approach to store data (in factors) to be utilized over various pages. Dissimilar to a treat, the data is not put away on the clients PC.

Ordinarily kept up by the server

–Includes an information store or a table to store client state and other client particular data

–Includes a record to the table (otherwise known as session key or session-id)

–Created on first demand or after a confirmation procedure

–Session-id traded amongst program and server on each demand.

–Different approaches to trade session-ids

–URL Rewriting

–Hidden Form fields

–Cookies

Hijacking

–Stealing of this session-id and using it to impersonate and access data
–Passive attack difficult to detect

Attack Methods

–Guessing Session Id
–shorter length, predictable
–Session Fixing
–predictable, session created before authenticated
–Session Sniffing (typical on non SSL sessions)
–same subnet as client or server
–Man in the Middle Attack (SSL)
–ARP Poisoning, DNS Spoofing
–Cross Site Scripting (XSS)
–User trusting source, application vulnerability

How to perform Session Hijacking ?

Session Hijacking through Network MITM attacks

Requirements:

  1. Kali Linux OS
  2. Wireshark
  3. Grease Monkey Add-on
  4. Cookie Injector Script

Step 1:

Perform Network Level MITM attack to redirect all the network packets having session values
towards attacker machine.

Step 2:

Start Wireshark to get the ongoing packets.

Step 3:

Go to victim machine and open internet explorer and navigate to Facebook website you can
observe that target internet explorer browser will not redirect Facebook to https site, login with valid username and password and have access with the account.

Step 4:

Meanwhile on the attacker Wireshark will collect all the username password packets and session
packets.

To find out the packets contains sessions from other packets just apply a Wireshark filter on the
display filters section.

http.cookie contains datr

Apply the above mentioned Wireshark display filter to see only packets having session value.

Once you got a session packet of Facebook or other website just right click -> copy -> bytes -> printable text only.

Step 5:

Goto Firefox browser on the attacker machine where grease monkey and cookie injector installed
press alt+c, so that you can see a small popup with a text field will come.

Step 6:

Paste the copied session value there and click ok and refresh the page.

Step 7:

You can see the Facebook will be loading with logged in account.

(Note: This is a LAN attack will not apply to remote level attacks.)

Session Hijacking with XSS

Step 1:

Find out the xss vulnerable page and execute the following code into any of the input field to get
the session value.

“>alert(document.cookie)
Or
javascript:alert(document.cookie);

Example :

You will get output like

 

Or

You will get this:

 

This article is only for educational purpose

Hope this article  Session Hijacking Helps you

Thankyou for reading the article…

Happy Hacking….

The following two tabs change content below.

Anuj Mishra

Admin, Founder & Chief Editor at HackeRoyale
Engineer. Blogger. Ethical hacker. Penetration Tester. Deep Webbie. Bug hunter. Security Analyst. Web Developer. Techie. Programmer. Foodie. Music Lover. Traveller. Enthusiast.

Comment Now !