Learn how an attacker can change your host file and hijack specific sessions.
- [Instructor] The Domain Name Service, or DNS,…is used to translate a website name to an IP address.…The DNS service requests a translation…from the internet-based DNS server which is supporting…your network connection, typically that's of your ISP.…However, there's also a file on both Windows and Linux…which provides a hard-coded translation and it's used…prior to checking any DNS server.…This is the HOSTS file and and adversary who gains access…to your system can use it to hijack…your network connections.…
I'll open a browser and go to Facebook.…Okay, that's the Facebook login screen.…I'll close that now.…I'll open Notepad as administrator.…And I'll navigate…to Windows, System32, Drivers, etc.…And I'll open the HOSTS file.…
Okay, we can see it has some explanation,…but no active entries.…I'll add an entry.…I'll open Explorer.…And we'll go to facebook.com.…And we we see the metasploitable web interface displayed.…Our Facebook connection has been hijacked.…Of course a real hijack of something like for instance…a bank website, would re-route the connection…
This course teaches you what session hijacking is, and how black-hat hackers use it to attack an organization. Learn how TCP, web, and wireless protocols work and how hackers exploit them. Find out how to use built-in Windows and Linux tools, as well as specialized third-party solutions such as Zed Attack Proxy (ZAP) and Cain, to detect and shore up vulnerabilities. Author and cybersecurity expert Malcolm Shore also discusses remote hijacking, which allows hackers to take control of drones or even vehicles.
Note: This course maps to the Session Hijacking domain of the Certified Ethical Hacking exam. Review the exam objectives at the EC-Council's website.
- Hijacking a network session, such as a Telnet session
- Understand web sessions
- Intercepting sessions via man-in-the-middle or man-in-the-browser attacks
- Downgrading a session by stripping SSL
- Using ARP poisoning through Subterfuge
- Hijacking an HTTP session through cookies
- Using hijacking defense tools: Zed Attack Proxy and Cain
- Service hijacking (DNS and SSH)
- Hijacking in the physical world: cars and drones