Q

Session Hijacking attacks and countermeasures. Illustrate some common exploits for session hijacking.

Home, - Discuss Session Hijacking attacks and countermeasures

Question: A penetration tester is a professional with the skills of the hacker. They are hired by organizations to perform real world attack simulations to evaluate the security of the ICT systems in an organization. Assume that you are a pen tester hired to identify and exploit the vulnerabilities to gain access to systems and data in an organization. Showcase the impact of the following attacks:

a. Session Hijacking attacks and countermeasures. Illustrate some common exploits for session hijacking

Answer: a) The impact of session hijacking is severe. The attacker can gain access to the sensitive credentials of the user with the use of the session hijacking attack. The access to the web application of the user can be gained with the use of this attack. The financial records of the business and the records of the customers can be accessed by the attacker with this attack. Hackers can encrypt the data of the user with this attack and can demand high amount of ransom.

Counter measures
1) The two factor authentication of the user must be there who is using the session.
2) The server and the browser must be encrypted end to end in order to protect from this attack .
3) The automatic logging off must be used after the ending of the session.
4) Session time out provision must be there after the particular time.
5) Session id must be used in order to enhance security.

Common exploits
1) Packet sniffing
2) XSS vulnerabilities such as injection of the client side scripts
3) Use of malicious websites
4) Man in the middle attack
5) Use of the predictable token

b. Session Fixation attacks and counter measures

Answer: b) Session attack can result in the hijacking of the valid session of the user. The session id of the user can be obtained by the attacker by using this attack. The unauthenticated access to active session of the user can be gained by the attacker by using this attack. Packet sniffing method is used by the attacker to pursue this attack.

Counter measures
1) Generation of the new session id on each request of the session
2) Automatic logging off session
3) Time out of session after specific time.

c. Cross Site Scripting attacks and counter measures

Answer: c) Cross scripting attack can provide the attacker access to the sensitive information of the user. The malicious code can be injected by the attacker into the web application by using this attack. Malware can be injected by the attacker by using this attack. The sensitive data of the user can be accessed and used for benefit purpose in order to pursue their motives.

Counter measures
1) Frequent penetration testing of the web application in order to detect the vulnerabilities in the application.
2) The malicious links must not be clicked by the users.
3) The data which is coming into the system must be filtered using the devices such as firewall.
4) The data must be encoded on output.
5) The appropriate content security policy must be used by the organization.


Leave a comment


       
Captcha

Related :-