All Courses
All Courses
Login / Sign up
-
Project Management
- PMP® Certification Training
- PMI-ACP® Certification Training
- Agile Scrum Master Certification Training
- Scrum Master Training
- PRINCE2® Foundation Certification Training
- PRINCE2® Practitioner Certification Training
- PRINCE2® Foundation and Practitioner Combo Training & Certification
- CAPM® Certification Training
- Certified ScrumMaster® (CSM®) Training and Certification Course
-
Quality Management
- Lean Six Sigma Yellow Belt Training Course
- Lean Six Sigma Green Belt Training & Certification
- Lean Six Sigma Black Belt Training & Certification
- Lean Six Sigma Green & Black Belt Combo Training & Certification
- Six Sigma Yellow Belt Training & Certification
- Six Sigma Green Belt Training & Certification
- Six Sigma Black Belt Training & Certification
- Six Sigma Green & Black Belt Combo Training & Certification
- IT Service Management
-
Data Science
- Certificate Program in Data Science
- Certificate Program in Artificial Intelligence
- Introduction to Data Science
- Data Science with Python Training Course
- Machine Learning Training Course
- Data Science with R Training Course
- Big Data: Hadoop & Spark Training Course
- Tableau Desktop Training Course
- Deep Learning with TensorFlow Training Course
- Natural Language Processing Training Course
- Computer Vision Training Course
-
DevOps and Cloud
- AWS Certified Solutions Architect - Associate
- Introduction To Docker Training Course
- DevOps with AWS CodePipeline, Jenkins and AWS CodeDeploy Training Course
- DevOps: CI/CD with Jenkins pipelines, Maven, Gradle Training Course
- DevOps with AWS Command Line Interface Training Course
- Implementing Microsoft Azure Infrastructure Solutions (70-533) Training Course
- SAP
-
Others
- Advanced Microsoft Excel 2013 Training
- Microsoft Project Training
- CCNA R & S - (200-125)
- Artificial Intelligence (AI) and Machine Learning (ML) Foundation Course
- CompTIA A+ 220-901
- CompTIA A+ 220-902 Training Course
- Blockchain Security Training Course
- Leadership Skills vs. Management Training Course
- Data Visualization with Python and Matplotlib Training Course
- Cyber Security Training Course
- Introduction to Marketing Training
- Introduction to Kubernetes Using Docker
- PHP Object Oriented Programming Training Course
- R3 Corda Blockchain Fundamentals Training Course
- Developing on the NEM Blockchain Training Course
- Introduction to Blockchain Technology Training Course
- Data Analysis with Python and Pandas Training Course
- Developing on the EOS Blockchain Training Course
- Enterprise Blockchain Bootcamp Training Course
- Internet Marketing Fundamentals Training Course
- Social Media Marketing Training Course
- Train The Trainer Course
- MS PowerPoint Training Course
- Fundamentals of Node.js
- Intro to the NEM Blockchain for Developers
- MCSA: Windows Server 2012 Certification (Microsoft Certified Solutions Associate) Training Course
- Microsoft 70-461: Querying SQL Server 2012 Training Course
- GNS3 Training
- Python Object Oriented Programming Fundamentals Training Course
- Microsoft 70-462: Administering SQL Server 2012 Databases Training Course
- PHP Development with the Laravel Framework Training Course
- Microsoft 70-463: Implementing a Data Warehouse with SQL Server 2012 Training Course
- C# Programming Crash Course Training
- Microsoft 70-464: Developing Microsoft SQL Server 2012 Databases Training Course
- Machine Learning for Apps Training Course
- Complete Introduction to Business Data Analysis Training Course
- Microsoft 70-465: Designing Database Solutions for Microsoft SQL Server 2012 Training Course
- Microsoft 70-466: Implementing Data Models and Reports with Microsoft SQL Server 2012 Training Course
- PHP Object Oriented Programming: Build a Login System Training Course
- Microsoft 70-467: Designing Business Intelligence Solutions with Microsoft SQL Server 2012 Training Course
- Fundamentals of JavaScript Training Course
- Professional Graphic Designer Training Course
- Powerful Reports & Dashboards with Microsoft Power BI Training Course
- Internet of Things-IoT 101 Certification Training Course
- Fundamentals of Java Programming Training Course
- Python Programming for Beginners Training Course
- Javascript Best Practices Training Course
- CISSP Certification Training
- Starting with Blockchain Technology for Developers
- Angular 7 Training Course
- Fundamentals of PHP Training Course
- Stepping into Windows PowerShell Training Course
Login
Get started
Reset your password
Enter your email and we'll send you instructions on how to reset your password.
- Opencampus Ethical Hacking Session Hijacking Levels
Session Hijacking Levels
Session Hijacking can be done at two levels:
-
Network Level
-
Application Level
Network Level hijacking includes TCP and UDP sessions.
Application Level hijacking occurs with HTTP Sessions.
Application Level Hijacking:
Here the valid session token is stolen or predicted to take over the session. Various attacks involved here are-
Man in the middle attack:
By using automated tools/spoofing methods the attacker splits the connection between the targets into two. One connection between the client and attacker and another one between attacker and server. Since the attacker becomes the man in the middle, all the traffic goes through him, hence he can capture the session Id.
Cross-site scripting:
Client-side vulnerabilities like XSS attacks allow an attacker to craft a malicious script to get the session Id from the application.
Using Proxy:
By setting up a proxy and causing the traffic to flow through the proxy, one can capture the session Id details.
Man-in the–Browser:
By installing a Trojan in the victim’s browser will notify the attacker the session Id.
Session Replay:
Capturing the authentication packets by sniffing the traffic; replaying those packets after a time interval may cause the attacker to successfully login to the session of the authorized user.
0 Comments
- Ethical Hacking
- Introduction to Ethical Hacking
- Footprinting and Reconnaissance
- Scanning
- Enumeration
- System Hacking
- Malware Threats
- Sniffing
- Social Engineering
- Denial of Service
- Session Hijacking
- Hacking Web Servers
- Web Application Attacks
- SQL Injection
- Hacking Wireless Networks
- Hacking Mobile Devices
- Evading Firewall/IDS and Honey Bots
- Cryptography
- Cloud Computimg
Project Management:
- PMP® Certification Training |
- PMI-ACP® Certification Training |
- Agile Scrum Master Certification Training |
- Scrum Master Training |
- PRINCE2® Foundation Certification Training |
- PRINCE2® Practitioner Certification Training |
- PRINCE2® Foundation and Practitioner Combo Training & Certification |
- CAPM® Certification Training |
- Certified ScrumMaster® (CSM®) Training and Certification Course
Quality Management:
- Lean Six Sigma Yellow Belt Training Course |
- Lean Six Sigma Green Belt Training & Certification |
- Lean Six Sigma Black Belt Training & Certification |
- Lean Six Sigma Green & Black Belt Combo Training & Certification |
- Six Sigma Yellow Belt Training & Certification |
- Six Sigma Green Belt Training & Certification |
- Six Sigma Black Belt Training & Certification |
- Six Sigma Green & Black Belt Combo Training & Certification
IT Service Management:
Data Science:
- Certificate Program in Data Science |
- Certificate Program in Artificial Intelligence |
- Introduction to Data Science |
- Data Science with Python Training Course |
- Machine Learning Training Course |
- Data Science with R Training Course |
- Big Data: Hadoop & Spark Training Course |
- Tableau Desktop Training Course |
- Deep Learning with TensorFlow Training Course |
- Natural Language Processing Training Course |
- Computer Vision Training Course
Add Comment