Understanding Session Hijacking
- Forwarding traffic isn’t a very eventful command, but it’s important to what you are trying to accomplish here. So now go back to your ping string and see what’s changed.
- Perfect; you can see that your ICMP packets are “normally” flowing across the wire without a hitch. You are now successfully in the middle of the victim’s traffic flow and are passing traffic along with no one the wiser. From here, you can steal the client session, perform a denial of service, or sniff passwords.
At the risk of oversimplification, the exam is fairly straightforward when it
comes to testing your knowledge of session hijacking and especially MITM
attacks.
UDP Session Hijacking
UDP session hijacking is conceptually simpler than its TCP brethren because UDP doesn’t
use sequencing for its packets. As you’ll recall, UDP is a connectionless protocol, meaning
it doesn’t establish a verifiable connection between the client and the host. For an attacker,
this means no packet sequence is needed. The aim of a UDP hijack is to fool the victim
into thinking the attacker’s machine is the server. The attacker must try to get a response
packet back to the client before the legitimate host, thereby assuming the role of the server.
Different techniques can be used to intercept legitimate server traffic prior to its response to
the victim, but the basic goal is the same.
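
Because the forged reply has to race the real one, the client's side of the wire often shows two different answers to a single request. The following is an added detection sketch, not code from the book: it pairs UDP replies with requests by 4-tuple and flags conflicts. The `Datagram` record, the `find_response_races` function, the time window, and all sample traffic are assumptions constructed for illustration.

```python
from collections import namedtuple

# Constructed record type: the fields a pcap parser or IDS sensor would supply.
Datagram = namedtuple("Datagram", "ts src sport dst dport ttl payload")

def find_response_races(datagrams, client, window=2.0):
    """Return alerts for requests from `client` that drew conflicting replies.

    UDP carries no sequence numbers, so replies are paired with a request by
    the reversed 4-tuple and arrival time only. A forged reply must claim the
    server's address and port, which puts it in the same flow as the real one.
    """
    pending = {}  # (client, cport, server, sport) -> (request time, replies)
    alerts = []
    for d in sorted(datagrams, key=lambda x: x.ts):
        if d.src == client:
            pending[(d.src, d.sport, d.dst, d.dport)] = (d.ts, [])
            continue
        flow = (d.dst, d.dport, d.src, d.sport)
        if flow not in pending or d.ts - pending[flow][0] > window:
            continue
        replies = pending[flow][1]
        # Identical retransmissions are ignored; a differing payload or IP TTL
        # means two senders answered. It does not say which one is genuine.
        for first in replies:
            if (first.payload, first.ttl) != (d.payload, d.ttl):
                alerts.append({"flow": flow, "first": first, "second": d,
                               "payload_differs": first.payload != d.payload,
                               "ttl_differs": first.ttl != d.ttl})
                break
        replies.append(d)
    return alerts

# Constructed sample traffic (private/documentation addresses, made-up payloads).
SAMPLE = [
    Datagram(0.000, "10.0.0.5", 40000, "10.0.0.53", 53, 64, b"query=a"),
    Datagram(0.004, "10.0.0.53", 53, "10.0.0.5", 40000, 64, b"answer=198.51.100.7"),
    Datagram(0.019, "10.0.0.53", 53, "10.0.0.5", 40000, 128, b"answer=192.0.2.10"),
    Datagram(1.000, "10.0.0.5", 40001, "10.0.0.53", 53, 64, b"query=b"),
    Datagram(1.020, "10.0.0.53", 53, "10.0.0.5", 40001, 128, b"answer=192.0.2.11"),
    Datagram(1.025, "10.0.0.53", 53, "10.0.0.5", 40001, 128, b"answer=192.0.2.11"),
]

if __name__ == "__main__":
    for a in find_response_races(SAMPLE, client="10.0.0.5"):
        print("conflicting replies on", a["flow"], "->", a["second"].payload)
```

A TTL difference alone can also come from a route change, so treat a TTL-only alert as a lead to investigate rather than proof of a hijack.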