Security Basics mailing list archives

Re: session-hijacking is still available?


From: secvuln <secvuln () wanadoo fr>
Date: Sun, 6 Apr 2003 23:47:58 +0200 (CEST)

Hi,
According to some RFC whose number I don't remember, developers must implement true randomness for sequence number generation.
But very often, developers suffer from pressure of any kind, and they produce bad software and do half of their job.
And then crackers and security experts come into play.

You can easily hijack the session of Windows 9x and NT 4.
In some cases you may succeed in hijacking the session of some W2K boxes.
Nmap shows you the feasibility of a TCP hijack attack against a machine.
I've already scanned some W2K machines where TCP hijacking could be possible, but not easily.
The target machine needed to send a lot of packets before I could predict the sequence numbers and steal its TCP session.

If it doesn't work and if you are in a LAN, you can still do ARP spoofing and make a Man In The Middle (MITM) attack.
Thus, your machine becomes the router between a client and a server, and you can steal logins and passwords.
Once you get them, you just need to enter them on the remote server and you're in, without TCP hijacking.

But if you want to steal the session of a remote computer on the Internet, and if this machine has real random sequence numbers, well, you need to enter his machine to steal the login and password, if you know where they are.

Also, if your goal is to crack boxes and remove files within, then forget about everything you read. If your goal is to play with computers and software without doing any kind of harm, if you don't do Denial of Service, then do this at home first and apply those techniques against machines you are allowed to.

Remember, CRACKING IS A CRIME. BE SMART OR GO TO JAIL.

Hope this will help you.
Have a nice day.
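
Added example, not part of the original message: a Python sketch of the per-connection initial sequence number scheme from RFC 6528 (which obsoletes RFC 1948), next to a constructed fixed-step generator, with a simple delta check over sampled ISNs. The choice of HMAC-SHA256 as the keyed hash, the key handling, and all function names, addresses and ports are assumptions of this example.

```python
import hashlib
import hmac
import os
import socket
import struct

MASK = 0xFFFFFFFF
BOOT_KEY = os.urandom(16)  # assumption: secret generated once per boot


def fixed_step_isn(n, step=64000):
    """Constructed weak generator: a global counter bumped by a fixed step
    for every new connection, so every observer sees the same progression."""
    return (n * step) & MASK


def rfc6528_isn(local_ip, local_port, remote_ip, remote_port, clock_us,
                key=BOOT_KEY):
    """ISN = M + F(localip, localport, remoteip, remoteport, secretkey).
    M is a 4-microsecond timer; F here is HMAC-SHA256 cut to 32 bits
    (this example's choice of keyed hash)."""
    m = (clock_us // 4) & MASK
    four_tuple = (socket.inet_aton(local_ip) + struct.pack("!H", local_port) +
                  socket.inet_aton(remote_ip) + struct.pack("!H", remote_port))
    f = struct.unpack("!I", hmac.new(key, four_tuple, hashlib.sha256).digest()[:4])[0]
    return (m + f) & MASK


def distinct_deltas(isns):
    """Count distinct gaps (mod 2**32) between consecutive sampled ISNs.
    A result of 1 means the next ISN follows from the previous one."""
    return len({(b - a) & MASK for a, b in zip(isns, isns[1:])})


def sample(n=20, key=BOOT_KEY):
    """Constructed sample: n connections from one client (192.0.2.10) using
    successive source ports, 1 ms apart, to a server at 192.0.2.1:23."""
    weak = [fixed_step_isn(i) for i in range(n)]
    keyed = [rfc6528_isn("192.0.2.1", 23, "192.0.2.10", 40000 + i, i * 1000, key)
             for i in range(n)]
    return weak, keyed


if __name__ == "__main__":
    weak, keyed = sample()
    print("fixed-step generator, distinct deltas:", distinct_deltas(weak))
    print("RFC 6528 style,       distinct deltas:", distinct_deltas(keyed))
```

The same delta check can be run over ISNs taken from a capture of SYN-ACKs sent by a host you administer.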
