Understand how a man-in-the-middle attack can be used to intercept and exploit a session, and how SSL offload works.
- [Instructor] Electronic commerce involves two people or organizations doing business through messages sent over an internet connection. The expectation is that nobody is listening to the traffic on that connection. And often cryptography will be used to make sure that anyone who does listen won't be able to understand the messages. A man-in-the-middle attack, abbreviated to MITM, is a form of cyber-attack in which the attacker inserts himself or herself into the connection, routing traffic from each of the participants to the other and reading it as it passes through.
The attacker can also remove, change, and insert data into the traffic. In the more sophisticated attacks, the attacker is able to defeat any encryption that might be used. Man in the middle, then, is an eavesdropping attack carried out by establishing a relay or proxy into a communications session. It may exploit in real time or after the fact the information obtained from the interception. Often, neither of the legitimate participants will be aware their connection has been compromised.
This course teaches you what session hijacking is, and how black-hat hackers use it to attack an organization. Learn how TCP, web, and wireless protocols work and how hackers exploit them. Find out how to use built-in Windows and Linux tools, as well as specialized third-party solutions such as Zed Attack Proxy (ZAP) and Cain, to detect and shore up vulnerabilities. Author and cybersecurity expert Malcolm Shore also discusses remote hijacking, which allows hackers to take control of drones or even vehicles.
Note: This course maps to the Session Hijacking domain of the Certified Ethical Hacking exam. Review the exam objectives at the EC-Council's website.
- Hijacking a network session, such as a Telnet session
- Understanding web sessions
- Intercepting sessions via man-in-the-middle or man-in-the-browser attacks
- Downgrading a session by stripping SSL
- Using ARP poisoning through Subterfuge
- Hijacking an HTTP session through cookies
- Using hijacking defense tools: Zed Attack Proxy and Cain
- Service hijacking (DNS and SSH)
- Hijacking in the physical world: cars and drones