UDP Session Hijacking

UDP session hijacking is conceptually simpler than its TCP counterpart because UDP doesn’t use sequence numbers for its packets. As you’ll recall, UDP is a connectionless protocol, meaning it doesn’t establish a verifiable connection between the client and the host. For an attacker, this means there is no packet sequence to match. The aim of a UDP hijack is to fool the victim into thinking the attacker’s machine is the server. The attacker must try to get a response packet back to the client before the legitimate host does, thereby assuming the role of the server. Different techniques can be used to intercept legitimate server traffic prior to its response to the victim, but the basic goal is the same.
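From the defender's side, the race described above leaves a trace: one request that receives two replies with different contents, both claiming the server's address. The following detection sketch is an added example, not part of the original page; it assumes a one-request, one-reply UDP protocol, and the `Datagram` record, `find_reply_races` function and sample capture are hypothetical names and constructed data.

```python
from collections import namedtuple

# One captured UDP datagram: timestamp, addresses/ports, payload bytes.
Datagram = namedtuple("Datagram", "ts src sport dst dport payload")

def find_reply_races(datagrams, server_port, window=2.0):
    """Flag requests answered by two different payloads within `window` seconds."""
    pending = {}  # (client, cport, server, sport) -> state of the open request
    alerts = []
    for d in sorted(datagrams, key=lambda x: x.ts):
        if d.dport == server_port:  # client -> server: open a request
            pending[(d.src, d.sport, d.dst, d.dport)] = {
                "ts": d.ts, "payloads": set(), "first_reply": None, "alerted": False}
            continue
        if d.sport != server_port:
            continue
        req = pending.get((d.dst, d.dport, d.src, d.sport))
        if req is None or d.ts - req["ts"] > window:
            continue  # unsolicited or late reply: out of scope for this check
        if req["payloads"] and d.payload not in req["payloads"] and not req["alerted"]:
            # Both replies carry the server's address, so only the content differs.
            alerts.append({"client": (d.dst, d.dport), "server": (d.src, d.sport),
                           "first_reply": req["first_reply"], "conflicting_reply": d.ts,
                           "gap": round(d.ts - req["first_reply"], 3)})
            req["alerted"] = True
        if req["first_reply"] is None:
            req["first_reply"] = d.ts
        req["payloads"].add(d.payload)  # identical retransmits are not flagged
    return alerts

# Constructed sample capture (documentation address ranges, made-up payloads).
SAMPLE = [
    Datagram(0.000, "192.0.2.10", 40000, "198.51.100.5", 53, b"query-1"),
    Datagram(0.004, "198.51.100.5", 53, "192.0.2.10", 40000, b"answer-A"),
    Datagram(0.030, "198.51.100.5", 53, "192.0.2.10", 40000, b"answer-B"),
    Datagram(1.000, "192.0.2.11", 40001, "198.51.100.5", 53, b"query-2"),
    Datagram(1.020, "198.51.100.5", 53, "192.0.2.11", 40001, b"answer-C"),
    Datagram(1.030, "198.51.100.5", 53, "192.0.2.11", 40001, b"answer-C"),
    Datagram(2.000, "198.51.100.5", 53, "192.0.2.12", 40002, b"answer-D"),
]

if __name__ == "__main__":
    for alert in find_reply_races(SAMPLE, server_port=53):
        print(alert)
```

Because the client accepts whichever reply arrives first, the alert cannot say which of the two replies was legitimate; it only marks the flow for investigation.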

 
