you're reading...
howto, Linux, security

Web based Session Hijacking attacks

Session Hijacking involves that the interceptor has used Man-in-the-middle attack to steal
session dependent attributes (like cookies) of an unsuspecting user who logins in to a web site
so as to get unauthorised access and browse private content.

I don’t encourage computer hacking as it is ilegal, but I write this article for educational purposes only!!!

1. The attacker uses MITM network attack to Victim’s host
2. Then, wireshark to analyze the network traffic of the Victim.
3. Then you will need Greasemonkey (a Firefox add-on) that gives you the ability to script and
manage any web page and do amazing things.
4. Then you will need the Cookie Injector Script for Greasemonkey.

See the following proof of concept screenshots …

This slideshow requires JavaScript.


Comments are closed.