A session cookie caught in Burp Suite
The request originated on the victim's machine and was intended for http://dojo-scavenger. The rogue AP forwards the request to the transparent Burp proxy, which copies it and forwards it to the original destination. Burp copies the response as well and sends it back to the victim to complete the communication.
After capturing the cookie, I can include it with future requests to the site to impersonate that user's session until it expires. A simple way to do this is with a plugin for the Firefox Web Browser that allows you to manually define cookies for a site.
Inserting a trapped cookie into a browsing session
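A defensive check related to the capture above, as an added example that is not part of the original post: the cookie was visible to the proxy because the request went to an http:// URL, and a session cookie set without the Secure attribute is sent on such requests. The sample header values and the session-name heuristic are constructed assumptions.

```python
# Added example: audit Set-Cookie header values for attributes that limit
# session cookie capture. SAMPLE_HEADERS is constructed data, not from the post.
SAMPLE_HEADERS = [
    "PHPSESSID=4f2a9c1e; path=/",
    "sid=9b1d77; Path=/; Secure; HttpOnly; SameSite=Lax",
    "theme=dark; Path=/; Max-Age=31536000",
]

SESSION_HINTS = ("sess", "sid", "auth", "token")  # assumed naming heuristic


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attrs with lowercase keys)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookie(header):
    """Return findings for one Set-Cookie value; empty list if nothing to report."""
    name, _, attrs = parse_set_cookie(header)
    if not any(hint in name.lower() for hint in SESSION_HINTS):
        return []  # not treated as a session cookie by the heuristic
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure: browser will send it over plain http://")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: readable by page scripts")
    if "max-age" in attrs or "expires" in attrs:
        findings.append("persistent: stored by the browser past the end of the session")
    return findings


def audit_all(headers):
    """Map cookie name -> findings for every header with at least one finding."""
    report = {}
    for header in headers:
        findings = audit_cookie(header)
        if findings:
            report[parse_set_cookie(header)[0]] = findings
    return report


if __name__ == "__main__":
    for cookie, findings in audit_all(SAMPLE_HEADERS).items():
        print(cookie, "->", "; ".join(findings))
```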