Type of Session Hijacking

Type of Session Hijacking

  1. Active
    In active session hijacking , an attacker is able to manage stealing active and valid session id of the target user. Attacker disconnects the target from  the active session and takes over that active session.
    Generally the attacker needs to intercept  the packets and analysis them in order to get valid cookies or session id information . Before that takeover of an active session are quite complex and difficult.
  2. Passive
    In the passive session hijacking , an attacker sits between two communicating host and analyse their communication  packets traffic . After getting the session id or valid cookie , attacker hijacks the session but doesn’t perform any exploit.
    Attacker simply analyse all the packet communication which are going in forward request and tries to communicate using the fake identity in order to get highly sensitive information from the other side

Leave a Reply

Your email address will not be published. Required fields are marked *