Due to cyber threats in the digital world, aspiring penetration testers are in demand to enter the field of cybersecurity. A penetration tester is a professional who has the skills of a hacker; they are hired by an organisation to perform simulations of real-world attacks because there are wide-reaching consequences if systems in any organisation are compromised. Assume yourself as an aspiring pen tester: how will you showcase the impact of session hijacking, session prediction, session fixation, session side jacking and cross-site scripting, and illustrate some of the infamous session hijacking exploits to your prospective employer BAGAD Pty. Ltd.?
Session Hijacking: (Obtaining a valid session ID from a user)
Session hijacking is a cyber attack where a user session (an active TCP/IP communication session) is taken over by the attacker. The attacker will enjoy the same access to resources as the compromised user.
Impacts:
Identity theft, information theft and the stealing of sensitive data are common impacts of session hijacking.
Session Prediction: (Guessing the valid session ID)
Session prediction is also called the Credential Session. It is an attack technique that focuses on predicting the session ID values that permit an attacker to bypass the authentication schema of the application.
Impacts:
The session ID is stored within the cookie or URL. The session ID enables user tracking on a website. The session ID can also provide automatic authentication for future visits to that site or associated sites. If an attacker obtains session ID data, he can conduct an attack, such as session hijacking or session replay. Session prediction and hijacking typically occur while a legitimate user is interacting with an affected web site.
Session Fixation: (Creating a valid session ID and tricking the user into using it)
Session fixation is a web attack technique. The attacker tricks the user into using a specific session ID. After the user logs in to the web application using the provided session ID, the attacker uses this valid session ID to gain access to the user’s account.
Impacts:
Session fixation could lead to a loss of privacy, allowing the attacker to obtain the sensitive information entered into the application by the user. It could also lead to the usage of the user's account if the attacker is able to authenticate to the application with the help of the stolen session ID.
If administrator accounts are compromised using this vulnerability, the attack could be used to make other attacks possible, such as altering the configuration of the application or extracting data from backend databases.
Session side jacking:
Session side jacking is where the attacker uses packet sniffing (collecting and logging some or all packets that pass through a computer network) to read network traffic between two parties to steal the session ID.
Impacts:
This attack allows attackers to read the network traffic and intercept all the data that is submitted to the server or viewed by the client. Since this data includes the session cookie, it allows them to impersonate the victim, even if the password itself is not compromised.
Cross site scripting:
Cross site scripting is a client-side code injection attack. The attacker uses the vulnerable web page to deliver malicious JavaScript to the user. The attack occurs when the victim visits the web page that executes the malicious code.
Impacts:
Malicious JavaScript has access to all the objects that the rest of the web page has access to. This includes access to the user’s cookies. Cookies are often used to store session IDs. If an attacker can obtain a user’s session cookie, they can impersonate that user, perform actions on behalf of the user, and gain access to the user’s sensitive data.
Session Hijacking Exploits:
The Session Hijacking attack consists of the exploitation of the web session control mechanism, which is normally managed for a session token.
Because HTTP communication uses many different TCP connections, the web server needs a method to recognize every user’s connections. The most useful method depends on a token that the web server sends to the client browser after a successful client authentication. A session token is normally composed of a string of variable width and it could be used in different ways, like in the URL, in the header of the HTTP request as a cookie, in other parts of the header of the HTTP request, or yet in the body of the HTTP request.
The session ID could be identified in different ways. They are:
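To show an employer the server-side controls that answer the impacts above, the following added example (not part of the original answer) contrasts a login handler that keeps the pre-login session ID, which is the session fixation condition, with one that rotates it, and builds a session cookie with the flags that limit side jacking and script access. The in-memory `SESSIONS` store, the function names and the `sid` cookie name are assumptions made for the demonstration.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}  # session ID -> session data (in-memory store, assumed for the demo)

def new_session():
    """Issue an ID from the OS CSPRNG so it cannot be predicted."""
    sid = secrets.token_urlsafe(32)  # 32 random bytes, URL-safe encoded
    SESSIONS[sid] = {"user": None}
    return sid

def login_vulnerable(sid, user):
    """Fixation-prone: accepts whatever ID the client presents and keeps it."""
    SESSIONS.setdefault(sid, {"user": None})["user"] = user
    return sid

def login_hardened(sid, user):
    """Discard the pre-login ID and bind the user to a freshly issued one."""
    SESSIONS.pop(sid, None)
    fresh = new_session()
    SESSIONS[fresh]["user"] = user
    return fresh

def session_cookie(sid):
    """Set-Cookie value with flags against sniffing and script access."""
    c = SimpleCookie()
    c["sid"] = sid
    c["sid"]["secure"] = True     # sent over HTTPS only, so not exposed in clear text
    c["sid"]["httponly"] = True   # not readable through document.cookie
    c["sid"]["samesite"] = "Lax"  # not attached to most cross-site requests
    c["sid"]["path"] = "/"
    return c["sid"].OutputString()

def whoami(sid):
    return SESSIONS.get(sid, {}).get("user")

def demo():
    planted = "constructed-planted-id"  # constructed: an ID known to a third party before login
    kept = login_vulnerable(planted, "alice")
    exposed = whoami(planted)           # the planted ID is now an authenticated session
    SESSIONS.clear()
    SESSIONS[planted] = {"user": None}
    rotated = login_hardened(planted, "alice")
    return kept == planted, exposed, whoami(planted), whoami(rotated), rotated != planted

if __name__ == "__main__":
    print(demo())
    print(session_cookie(new_session()))
```

After the hardened login the planted ID no longer resolves to any user, so knowing it in advance gives no access.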