The session hijacking process normally involves five steps:

Sniffing the traffic between the target computer and the server.
Monitoring traffic with the goal of predicting the packet sequence numbers.
Desynchronizing the current session.
Predicting the session ID and taking over the session.
Injecting commands targeted at the server.
Discuss which of these steps you believe represent the most difficult technical challenges and explain the methods or approaches you might employ to overcome the challenges.

Share on Facebook

Tweet

Follow us