What Is Session Hijacking Attack ?
Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Once the user's session ID has been accessed (through session prediction), the attacker can masquerade as that user and do anything the user is authorized to do on the network.The session ID is normally stored within a cookie or URL. For most communications, authentication procedures are carried out at set up. Session hijacking takes advantage of that practice by intruding in real time, during a session. The intrusion may or may not be detectable, depending on the user's level of technical knowledge and the nature of the attack. If a Web site does not respond in the normal or expected way to user input or stops responding altogether for an unknown reason, session hijacking is a possible cause
Step By Step Explanation Of How To Carry Out This Attack ?
First of all, you would need to connect to an unsecured wireless
connection that others are using. Then we start capturing packets
transferred over this network. Note that your wireless adapter needs to
support monitor mode to scan all packets transferred over a network. you
can check your wi-fi card specifications to see if it supports monitor
mode.
We would then need to use a network sniffing tool so sniff
packets transferred over the network. In this case, I am using a tool
called Wireshark (Download From Here).
Within wireshark, there is a menu called "Capture"; Under the capture
menu, select interfaces from that menu, and a list of your interfaces
will come up.
Next you select Start Next to the interface that you have enabled monitor mode on. most times it is the interface that is capturing the most packets. In my case, Microsoft interface is capturing the most packets, so i will select to start capturing with the microsoft interface. You would leave wireshark to capture packets for a couple of seconds depending on the amount of persons currently using the network. Say 30 seconds if 10 people currently are using the network, or 30 minutes if there is barely network activity going on. While capturing, wireshark will look something like this.
After capturing a certain amount of packets, or running the capture for a certain amount of time, stop it by clicking on the stop current capture button.
The first thing we would need to do is to clear all cookies, so clear all the cookies you currently have. Then select the "Add Cookie" by clicking on " + sing " to add a new cookie. The first cookie you will add is the c_user cookie which will have the following information:: Domain - ".facebook.com", name-"c_user", value-"the value you copied earlier from the wireshark scanning" and the Path-"/"; leave the isSecure , isSession and Expires On values to default:
The next thing you do is to hit the " + Sing " button and the cookie is saved. Repeat the same steps to add the xs cookie with all of the same information, except the value, which would be the xs value you have.
After adding these 2 cookies, just go to facebook.com, refresh the page and... Boom!! you will see you are logged in as that user whose cookie information you stole. Here is my facebook page after i injected those cookies:
Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get up to 3 years of imprisonment, if got caught in doing so.
প্রথমে আপনার Facebook এর Account Settings-এ Click করুন ।
খুবি মজার... এগুলো ব্যবহার করুন আর বন্ধুদের চমকে দিন ^_^ টিউন ভালো লাগলে টিউমেন্ট করবেন কিন্তু...
