Saturday, August 11, 2012

[Hacking techniques and response] ⑧ HTTP Session Hijacking




In the earlier article on sniffing we saw that applications using protocols such as telnet, ftp and pop3 send the user account and password unencrypted, so they can be stolen by a sniffing attack. The HTTP protocol we use for web browsing is vulnerable to theft in the same way.

HTTP Session Hijacking (or Session ID Hijacking) is an attack technique that steals the Session ID used to manage a web browsing session, either by sniffing it or by brute-force guessing. Before looking at the attacks themselves, we first need some background: the characteristics of the HTTP protocol and what a Session ID is.


Characteristics of the HTTP protocol

HTTP is fundamentally a stateless protocol: it does not maintain a connection. Protocols such as telnet and ftp, on the other hand, first establish a connection (session) between client and server and then communicate over it. When we open a web browser and enter a URL, the page we land on is made up of its HTML, images (jpg, gif, etc.), JavaScript (js) and other files, and the browser downloads each of them with a separate request, receiving a separate response (reply) from the server for each one.

Communication with the server consists of this series of requests and responses, after which the connection is closed again. Knowing this, a natural question arises: if HTTP is a connectionless protocol, how can an attack called Session Hijacking, which implies that a session is being maintained, be possible at all? The answer is that HTTP session management is achieved through the Session ID.


What is Session ID?

A web server serves many users at once, and to tell each user's session apart when a page is requested it assigns each one a long random string called the Session ID. It is created when you first visit the home page or when you authenticate at login. A Session ID may be generated from a combination of several parameters, such as the user account, password, IP address and timestamp.



By tying the Session ID to the user's browsing activity, the site can recognise the user on every page visited after login, so there is no need to log in again each time, which is convenient.

The same principle is at work when a portal site or newspaper site changes its ad banner automatically each time we visit, or when an online bookstore keeps a list of everything in our shopping cart during a purchase. In other words, the Session ID makes session management possible through authentication and authorization.


Session ID Where does it exist?

We often hear that the Session ID is stored in a cookie, and that is indeed the most common place. Sometimes, however, it can also be found in the URL shown in the browser's address bar, or in a hidden form field in the HTML source of the page.

1) Cookies

2) The URL in the web browser's address bar

3) A hidden form field in the web page source




What is the vulnerability of Session ID?

The mechanism a web server uses to create Session IDs, and the way it manages them, can be vulnerable in the following ways.

Weak Algorithm
: If the algorithm that generates the Session ID string is easy to reverse engineer, an attacker can reproduce it, and the ID is at risk of cracking or brute-force guessing attacks.

Short Session ID: Even when a strong algorithm is used, an ID that is not long enough is at risk of cracking or brute-force guessing attacks.

Lack of account lockout: For login with a user name and password, an account lockout or IP blocking feature after a certain number of failures is usually implemented. Because of the nature of Session IDs, however, such a lockout is usually not implemented for repeated Session ID validation failures, which leaves the ID open to brute-force guessing attacks.

Session ID that never expires: If the server does not discard the Session ID when the user logs out and keeps accepting it indefinitely, an attacker who obtains the ID, for example by cookie sniffing or from the logs of a proxy server, can use it to attack.

Session ID passed in plaintext: If the Session ID cookie is sent from the server to the client unencrypted, its value can be exposed through sniffing and used in an attack. This is especially serious when the Session ID value itself contains the user name and password in plaintext, since it can then be used directly.
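As an added example (not code from the original post), the following Python session store addresses the weak-algorithm, short-ID and never-expiring-ID points above: IDs are drawn from the OS CSPRNG rather than from user data, sessions expire on the server side, and logout discards the ID so that a sniffed copy cannot be replayed. It also includes an audit helper that flags an ID showing the weaknesses listed; the 128-bit minimum and the timeout value are assumptions chosen for the example.

```python
import math
import secrets
import time
from typing import Optional

MIN_BITS = 128                 # assumed minimum entropy for an ID; not a figure from the post
SESSION_TTL_SECONDS = 30 * 60  # assumed idle timeout

def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random ID of `length` symbols from `alphabet_size`."""
    return length * math.log2(alphabet_size)

def audit_session_id(session_id: str, username: str, alphabet_size: int) -> list:
    """Report which of the weaknesses described above a given session ID exhibits."""
    findings = []
    if keyspace_bits(alphabet_size, len(session_id)) < MIN_BITS:
        findings.append("short: brute-force guessing is feasible")
    if session_id.isdigit():
        findings.append("numeric-only: likely sequential or predictable")
    if username and username.lower() in session_id.lower():
        findings.append("plaintext username embedded in the ID")
    return findings

class SessionStore:
    """Server-side session table with random IDs, expiry and logout invalidation."""
    def __init__(self, ttl: int = SESSION_TTL_SECONDS, now=time.time):
        self._sessions = {}   # session_id -> (username, expiry timestamp)
        self._ttl = ttl
        self._now = now       # injectable clock so expiry can be tested deterministically

    def create(self, username: str) -> str:
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, not derived from user data
        self._sessions[sid] = (username, self._now() + self._ttl)
        return sid

    def lookup(self, sid: str) -> Optional[str]:
        """Return the user bound to `sid`, or None if the ID is unknown or expired."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        username, expires = entry
        if self._now() > expires:
            del self._sessions[sid]   # expired: discard it so it can never be replayed
            return None
        return username

    def logout(self, sid: str) -> None:
        """Discard the session on the server, not merely the cookie in the browser."""
        self._sessions.pop(sid, None)
```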

The types of attack that exploit these Session ID vulnerabilities are as follows:


Types of Session ID attack

Direct Session ID theft through cookie sniffing
Session ID theft through an indirect bypass
Session ID theft through brute-force guessing

So far we have looked at what a Session ID is, the forms in which it exists, and why it is vulnerable. The next article will examine each type of attack in detail and discuss countermeasures.
