CEH Lab Manual
Session Hijacking
Module 11

Ethical Hacking and Countermeasures. Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Hijacking Sessions

Session hijacking refers to the exploitation of a valid computer session, wherein an attacker takes over a session between two computers.

Lab Scenario

Source: http://krebsonsecurity.com/2/1/yahoo-email-stealing-exploit-fetches-0

According to Krebs on Security news and investigation, a zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious websites offers a fascinating glimpse into the underground market for large-scale exploits.

The exploit, being sold for S 0 by an Egyptian hacker on an exclusive cybercrime forum, targets a "cross-site scripting" (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! webmail users. Such a flaw would let attackers send or read email from the victim's account. In a typical XSS attack, an attacker sends a malicious link to an unsuspecting user; if the user clicks the link, the script is executed, and can access cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.

KrebsOnSecurity.com alerted Yahoo! to the vulnerability, and the company says it is responding to the issue. Ramses Martinez, director of security at Yahoo!, said the challenge now is working out the exact yahoo.com URL that triggers the exploit, which is difficult to discern from watching the video.

These types of vulnerabilities are a good reminder to be especially cautious about clicking links in emails from strangers or in messages that you were not expecting.

As an administrator, you should implement security measures at the application level and the network level to protect your network from session hijacking. Network-level hijacks are prevented by packet encryption, which can be obtained by using protocols such as IPSEC, SSL, SSH, etc. IPSEC allows encryption of packets on a shared key between the two systems involved in communication. Application-level security is obtained by using a strong session ID. SSL and SSH also provide strong encryption using SSL certificates to prevent session hijacking.

Lab Objectives

The objective of this lab is to help students learn session hijacking and take necessary actions to defend against session hijacking.

In this lab, you will:
■ Intercept and modify web traffic
■ Simulate a Trojan, which modifies a workstation's proxy server settings

Tools demonstrated in this lab are available in D:\CEHTools\CEHv Module 11 Session Hijacking

Lab Environment

To carry out this, you need:
■ A computer running Windows Server 2 as host machine
■ This lab will run on Windows virtual machine
■ Web browser with Internet access
■ Administrative privileges to configure settings and run tools

Lab Duration

Time: Minutes

Overview of Session Hijacking

Session hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers. The attacker steals a valid session ID, which is used to get into the system and sniff the data.

In TCP session hijacking, an attacker takes over a TCP session between two machines. Since most authentications occur only at the start of a TCP session, this allows the attacker to gain access to a machine.

Lab Tasks

Pick an organization that you feel is worthy of your attention. This could be an educational institution, a commercial company, or perhaps a nonprofit charity.

Recommended labs to assist you in session hijacking:
■ Session hijacking using ZAP

Lab Analysis

Analyze and document the results related to the lab exercise. Give your opinion on your target's security posture and exposure.

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Lab: Session Hijacking Using Zed Attack Proxy (ZAP)

The OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications.

Lab Scenario

Attackers are continuously watching for websites to hack, and developers must be prepared to counter-attack malicious hackers by writing strong secure code. A common form of attack is session hijacking, i.e., accessing a website using someone else's session ID. A session ID might contain credit card details, passwords, and other sensitive information that can be misused by a hacker.

Session hijacking attacks are performed either by session ID guessing or by stolen session ID cookies. Session ID guessing involves gathering a sample of session IDs and "guessing" a valid session ID assigned to someone else. It is always recommended not to replace ASP.NET session IDs with IDs of your own, as this will prevent session ID guessing. Session hijacking through stolen session ID cookies can be prevented by using SSL; however, using cross-site scripting attacks and other methods, attackers can steal the session ID cookies. If an attacker gets hold of a valid session ID, then ASP.NET connects to the corresponding session with no further authentication.

There are many tools easily available now that attackers use to hack into websites or user details. One of the tools is Firesheep, which is an add-on for Firefox. While you are connected to an unsecured wireless network, this Firefox add-on can sniff the network traffic, capture all your information, and provide it to the hacker in the same network. The attacker can now use this information and log in as you.

As an ethical hacker, penetration tester, or security administrator, you should be familiar with network and web authentication mechanisms. In your role of web security administrator, you need to test web server traffic for weak session IDs, insecure handling, identity theft, and information loss. Always ensure that you have an encrypted connection using https, which will make the sniffing of network packets difficult for an attacker. Alternatively, VPN connections too can be used to stay safe, and advise users to log off once they are done with their work. In this lab you will learn to use ZAP proxy to intercept proxies, scanning, etc.

Lab Objectives

The objective of this lab is to help students learn session hijacking and how to take necessary actions to defend against session hijacking.

In this lab, you will:
■ Intercept and modify web traffic
■ Simulate a Trojan, which modifies a workstation's proxy server settings

Tools demonstrated in this lab are available in D:\CEHTools\CEHv8 Module 11 Session Hijacking

Lab Environment

To carry out the lab, you need:
■ Paros Proxy located at D:\CEH-Tools\CEHv Module 11 Session Hijacking\Session Hijacking Tools\Zaproxy
■ You can also download the latest version of ZAP from the link http://code.google.com/p/zaproxy/downloads/list
■ If you decide to download the latest version, then screenshots shown in the lab might differ
■ A system with running Windows Server 2 Host Machine
■ Run this tool in Windows Virtual Machine
■ A web browser with Internet access
■ Administrative privileges to configure settings and run tools

Ensure that Java Run Time Environment (JRE) (or above) is installed. If not, go to http://java.sun.com/j2se to download and install it.

Lab Duration

Time: Minutes

Overview of Zed Attack Proxy (ZAP)

Zed Attack Proxy (ZAP) is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing, as well as being a useful addition to an experienced pen tester's toolbox. Its features include intercepting proxy, automated scanner, passive scanner, and spider.

Lab Tasks

Setting-up ZAP

Log in to your Windows Virtual Machine.

In Windows Virtual Machine, follow the wizard-driven installation steps to install ZAP.

To launch ZAP after installation, move your mouse cursor to the lower left corner of your desktop and click Start.

You can also download ZAP from http://code.google.com/p/zaproxy/downloads/list

FIGURE 2.1: Paros proxy main window

Click ZAP 1.4 in the Start menu apps.

At its heart ZAP is an intercepting proxy. You need to configure your browser to connect to the web application you wish to test through ZAP. If required you can also configure ZAP to connect through another proxy; this is often necessary in a corporate environment.

If you know how to set up proxies in your web browser then go ahead and give it a go!
If you are unsure then have a look at the Configuring proxies section.

FIGURE 2.2: Paros proxy main window

The main interface of ZAP appears, as shown in the following screenshot. It will prompt you with SSL Root CA certificate. Click Generate to continue.

Once you have configured ZAP as your browser's proxy then try to connect to the web application you will be testing. If you cannot connect to it then check your proxy settings again. You will need to check your browser's proxy settings, and also ZAP's proxy settings.

FIGURE 2.3: Paros proxy main window

Active scanning attempts to find potential vulnerabilities by using known attacks against the selected targets. Active scanning is an attack on those targets. You should NOT use it on web applications that you do not own.

In the Options window, select Dynamic SSL certificates, then click Generate to generate a certificate. Then click Save.

It should be noted that active scanning can only find certain types of vulnerabilities. Logical vulnerabilities, such as broken access control, will not be found by any active or automated vulnerability scanning. Manual penetration testing should always be performed in addition to active scanning to find all types of vulnerabilities.

FIGURE 2.4: Paros proxy main window

Save the certificate in the default location of ZAP. If the certificate already exists, replace it with the new one.

An alert is a potential vulnerability and is associated with a specific request. A request can have more than one alert.

This tool keeps track of the existing HTTP Sessions on a particular Site and allows the Zaproxy user to force all requests to be on a particular session. Basically, it allows the user to easily switch between user sessions on a Site and to create a new Session without "destroying" the existing ones. It is based on the concept of Session Tokens, which are HTTP message parameters (for now only Cookies) which allow an HTTP server to connect a request message with any previous requests or data stored. In the case of Zaproxy, conceptually, session tokens have been classified into categories: default session tokens and site session tokens. The default session tokens are the ones that the user can set in the Options Screen and are tokens that are, by default, automatically considered session tokens for any site (e.g. phpsessid, jsessionid, etc.). The site session tokens are a set of tokens for a particular site and are usually set up using the popup menus available in the Params Tab.

FIGURE Z: Paros with modified trap option content

Note: Here we are changing the text Cakes to Cars; the Bing search shows Cars, whereas the results displayed are for Cakes.

Observe the Bing search web page displayed in the browser with search query as "Cakes".

FIGURE 2.6: Search results window after modifying the content

That's it. You just forced an unsuspecting web browser to go to any page of your choosing.

Lab Analysis

Analyze and document the results related to the lab exercise. Give your opinion on your target's security posture and exposure.

Tool/Utility: Zed Attack Proxy
Information Collected/Objectives Achieved:
■ SSL certificate to hack into a website
■ Redirecting the request made in Bing

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Questions

Evaluate each of the following Paros proxy options:
a. Trap Request
b. Trap Response
c. Continue Button
d. Drop Button

Internet Connection Required: Yes □ No
Platform Supported: Classroom □ iLabs
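
The lab scenario asks a web security administrator to test web server traffic for weak session IDs and insecure handling. The script below is an added example, not part of the lab manual or of ZAP: it audits Set-Cookie values copied from a proxy's response view for the Secure and HttpOnly flags and checks whether a sample of issued IDs is sequential. The name asp.net_sessionid, the length threshold and the sample headers are assumptions of this example.

```python
from http.cookies import SimpleCookie

# Cookie names treated as session tokens. phpsessid and jsessionid are the
# defaults named in the lab text; asp.net_sessionid is this example's addition
# because the scenario discusses ASP.NET sessions.
SESSION_NAMES = {"phpsessid", "jsessionid", "asp.net_sessionid"}
MIN_ID_CHARS = 16  # assumed minimum length, not a value from the lab manual


def audit_set_cookie(header_value):
    """Return findings for the session cookies in one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(header_value)
    findings = []
    for name, morsel in jar.items():
        if name.lower() not in SESSION_NAMES:
            continue
        if not morsel["secure"]:
            findings.append(f"{name}: missing Secure, sent over plain HTTP and sniffable")
        if not morsel["httponly"]:
            findings.append(f"{name}: missing HttpOnly, readable by injected script (XSS)")
        if len(morsel.value) < MIN_ID_CHARS:
            findings.append(f"{name}: ID is only {len(morsel.value)} characters long")
    return findings


def session_id(header_value):
    """Extract the first session cookie value from a Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(header_value)
    return next(m.value for n, m in jar.items() if n.lower() in SESSION_NAMES)


def ids_look_sequential(sample, max_step=1000):
    """True if IDs, in the order issued, are numbers that grow by small steps."""
    try:
        nums = [int(s, 16) for s in sample]  # accepts decimal-looking and hex IDs
    except ValueError:
        return False
    steps = [b - a for a, b in zip(nums, nums[1:])]
    return len(steps) >= 2 and all(0 < d <= max_step for d in steps)


# Constructed sample data, listed in the order the server issued the cookies.
WEAK = [
    "PHPSESSID=1001; Path=/",
    "PHPSESSID=1002; Path=/",
    "PHPSESSID=1004; Path=/",
]
STRONG = [
    "JSESSIONID=9f3c1a7be4d2580c6b1f0e9a7d3c4b52; Path=/; Secure; HttpOnly",
    "JSESSIONID=04d81e6fa2b97c35e0c4417a9d6b2f8e; Path=/; Secure; HttpOnly",
    "JSESSIONID=c7a05b3e91f248d6a3e7b10c5d94f26b; Path=/; Secure; HttpOnly",
]

if __name__ == "__main__":
    for label, headers in (("weak", WEAK), ("strong", STRONG)):
        for header in headers:
            for finding in audit_set_cookie(header):
                print(label, finding)
        ids = [session_id(h) for h in headers]
        print(label, "sequential IDs:", ids_look_sequential(ids))
```

A clean result from the sequence check does not prove the IDs are random; it only rules out the simplest guessable pattern.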