CEH Lab Manual
Session Hijacking
Module 11
Module 11 - Session Hijacking
Hijacking Sessions
Session hijacking refers to the exploitation of a valid computer session, wherein an attacker takes over a session between two computers.
Lab Scenario
Source: http://krebsonsecurity.com/2012/11/yahoo-email-stealing-exploit-fetches-700/
According to KrebsOnSecurity news and investigation, a zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious websites offers a fascinating glimpse into the underground market for large-scale exploits.
The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a "cross-site scripting" (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! webmail users. Such a flaw would let attackers send or read email from the victim's account. In a typical XSS attack, an attacker sends a malicious link to an unsuspecting user; if the user clicks the link, the script is executed, and can access cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.
KrebsOnSecurity.com alerted Yahoo! to the vulnerability, and the company says it is responding to the issue. Ramses Martinez, director of security at Yahoo!, said the challenge now is working out the exact yahoo.com URL that triggers the exploit, which is difficult to discern from watching the video.
These types of vulnerabilities are a good reminder to be especially cautious about clicking links in emails from strangers or in messages that you were not expecting.
As an administrator you should implement security measures at the application level and the network level to protect your network from session hijacking. Network-level hijacking is prevented by encrypting packets in transit using protocols such as IPsec, SSL/TLS, or SSH. IPsec encrypts packets with keys negotiated between the two systems involved in the communication, so an attacker on the path can neither read the session nor inject into it. Application-level security depends on unpredictable session IDs that are issued over an encrypted channel and carried in cookies marked Secure and HttpOnly. SSL/TLS (with a server certificate) and SSH stop the session token from being sniffed on the wire, but they do not help once the token has been stolen by other means such as XSS.
Lab Objectives
The objective of this lab is to help students learn session hijacking and take necessary actions to defend against session hijacking.
In this lab, you will:
■ Intercept and modify web traffic
Ethical Hacking and Countermeasures Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.
CEH Lab Manual Page 716
■ Simulate a Trojan, which modifies a workstation's proxy server settings
Lab Environment
To carry out this, you need:
■ A computer running Windows Server 2012 as host machine
■ This lab will run on a Windows 8 virtual machine
■ Web browser with Internet access
■ Administrative privileges to configure settings and run tools
Lab Duration
Time: 20 Minutes
Overview of Session Hijacking
Session hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers. The attacker steals a valid session ID, which is used to get into the system and sniff the data.
In TCP session hijacking, an attacker takes over a TCP session between two machines. Since most authentication occurs only at the start of a TCP session, this allows the attacker to gain access to a machine without ever presenting credentials.
Lab Tasks
Pick an organization that you feel is worthy of your attention. This could be an educational institution, a commercial company, or perhaps a nonprofit charity.
Recommended labs to assist you in session hijacking:
■ Session hijacking using ZAP
Lab Analysis
Analyze and document the results related to the lab exercise. Give your opinion on your target's security posture and exposure.
PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.
Tools demonstrated in this lab are available in D:\CEH-Tools\CEHv8 Module 11 Session Hijacking
TASK 1: Overview
Lab
Session Hijacking Using Zed Attack Proxy (ZAP)
The OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications.
Lab Scenario
Attackers are continuously watching for websites to hack, and developers must be prepared to counter malicious hackers by writing strong, secure code. A common form of attack is session hijacking, i.e., accessing a website using someone else's session ID. The session ID is the key to server-side state that may hold credit card details, passwords, and other sensitive information, all of which can be misused by whoever presents that ID.
Session hijacking attacks are performed either by session ID guessing or by stolen session ID cookies. Session ID guessing involves gathering a sample of session IDs and "guessing" a valid session ID assigned to someone else. It is recommended not to replace the session IDs that ASP.NET generates with IDs of your own: the built-in IDs are random and unpredictable, which is what prevents session ID guessing. Hijacking through stolen session ID cookies can be prevented in transit by using SSL; however, using cross-site scripting attacks and other methods, attackers can still steal the session ID cookies. If an attacker gets hold of a valid session ID, then ASP.NET connects to the corresponding session with no further authentication.
There are many tools easily available now that attackers use to hack into websites or user details. One of the tools is Firesheep, which is an add-on for Firefox. While you are connected to an unsecured wireless network, this Firefox add-on can sniff the network traffic, capture your session cookies, and provide them to the hacker on the same network. The attacker can then use this information and log in as you.
As an ethical hacker, penetration tester, or security administrator, you should be familiar with network and web authentication mechanisms. In your role of web security administrator, you need to test web server traffic for weak session IDs, insecure handling, identity theft, and information loss. Always ensure that you have an encrypted connection using HTTPS, which will make the sniffing of network packets difficult for an attacker. Alternatively, VPN connections too can be used to stay safe, and advise users to log off once they are done with their work. In this lab you will learn to use ZAP to intercept traffic, scan, and so on.
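The two attack routes named above, session ID guessing and cookie theft, each have a concrete check. The following is an added example written for this page, not code from the CEH manual, ASP.NET or ZAP: a guessable counter-based session ID scheme next to a CSPRNG-based one, the kind of sample analysis a tester runs on captured IDs before attempting guessing, and the cookie attributes that keep a strong ID off cleartext HTTP and away from XSS payloads. The entropy threshold and the cookie name "sid" are illustrative choices.

```python
"""Added example, not from the CEH manual: a guessable session-ID scheme next
to a strong one, a small analyser for a sample of captured IDs, and the cookie
attributes that protect the ID. Thresholds are illustrative choices."""
import hmac
import math
import secrets
from collections import Counter
from itertools import count

_counter = count(1000)


def weak_session_id() -> str:
    """Sequential IDs: a stand-in for a home-grown scheme, guessable in a
    handful of requests once an attacker has seen two of them."""
    return f"{next(_counter):08x}"


def strong_session_id(nbytes: int = 16) -> str:
    """128 bits from the OS CSPRNG; unpredictable, like the IDs a framework's
    built-in generator issues."""
    return secrets.token_hex(nbytes)


def shannon_entropy_bits(ids) -> float:
    """Per-character Shannon entropy of the pooled sample (max 4.0 for hex)."""
    joined = "".join(ids)
    n = len(joined)
    return -sum(c / n * math.log2(c / n) for c in Counter(joined).values())


def is_sequential(ids, radix: int = 16) -> bool:
    """True when consecutive IDs differ by one constant step, the signature of
    a counter-based scheme."""
    try:
        vals = [int(i, radix) for i in ids]
    except ValueError:
        return False
    steps = {b - a for a, b in zip(vals, vals[1:])}
    return len(steps) == 1 and 0 < steps.pop() <= 1000


def assess(ids) -> str:
    """'predictable' if the sample looks sequential or low-entropy, else 'ok'."""
    if is_sequential(ids) or shannon_entropy_bits(ids) < 3.0:
        return "predictable"
    return "ok"


def session_cookie(sid: str) -> str:
    """Set-Cookie value that keeps the ID off cleartext HTTP (Secure), away
    from XSS payloads (HttpOnly), and out of cross-site requests (SameSite)."""
    return f"sid={sid}; Path=/; Secure; HttpOnly; SameSite=Lax"


def ids_match(presented: str, stored: str) -> bool:
    """Constant-time comparison so an attacker cannot guess the ID byte by
    byte from response timing."""
    return hmac.compare_digest(presented.encode(), stored.encode())


if __name__ == "__main__":
    weak = [weak_session_id() for _ in range(50)]
    strong = [strong_session_id() for _ in range(50)]
    print("weak  :", weak[:3], assess(weak))
    print("strong:", strong[:2], assess(strong))
    print(session_cookie(strong[0]))
```

The analyser is deliberately crude (a counter step and a character-entropy floor); it catches the schemes that session ID guessing actually works against, which is enough to decide whether the guessing attack is worth attempting. HttpOnly is the attribute that blunts the XSS cookie theft described in the Yahoo! scenario, since script cannot read the cookie at all.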
Lab Objectives
The objective of this lab is to help students learn session hijacking and how to take necessary actions to defend against session hijacking.
In this lab, you will:
■ Intercept and modify web traffic
■ Simulate a Trojan, which modifies a workstation's proxy server settings
Lab Environment
To carry out the lab, you need:
■ ZAP (a fork of Paros Proxy) located at D:\CEH-Tools\CEHv8 Module 11 Session Hijacking\Session Hijacking Tools\Zaproxy
■ You can also download the latest version of ZAP from the link http://code.google.com/p/zaproxy/downloads/list
■ If you decide to download the latest version, then screenshots shown in the lab might differ
■ A system running Windows Server 2012 as the host machine
■ Run this tool in the Windows 8 virtual machine
■ A web browser with Internet access
■ Administrative privileges to configure settings and run tools
■ Ensure that Java Runtime Environment (JRE) 7 (or above) is installed. If not, go to http://java.sun.com/j2se to download and install it.
Lab Duration
Time: 20 Minutes
Overview of Zed Attack Proxy (ZAP)
Zed Attack Proxy (ZAP) is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. Its features include an intercepting proxy, automated scanner, passive scanner, and spider.
Lab Tasks
TASK 1: Setting up ZAP
1. Log in to your Windows 8 Virtual Machine.
At its heart ZAP is an intercepting proxy. You need to configure your browser to connect to the web application you wish to test through ZAP. If required you can also configure ZAP to connect through another proxy; this is often necessary in a corporate environment.
2. In the Windows 8 Virtual Machine, follow the wizard-driven installation steps to install ZAP.
3. To launch ZAP after installation, move your mouse cursor to the lower-left corner of your desktop and click Start.
4. Click ZAP 1.4.1 in the Start menu apps.
FIGURE 2.1: Paros proxy main window
You can also download ZAP from http://code.google.com/p/zaproxy/downloads/list
FIGURE 2.2: Windows 8 Start menu apps showing ZAP 1.4.1
5. The main interface of ZAP appears, as shown in the following screenshot.
6. It will prompt you with the SSL Root CA certificate dialog. Click Generate to continue.
If you know how to set up proxies in your web browser then go ahead and give it a go! If you are unsure then have a look at the Configuring proxies section.
Once you have configured ZAP as your browser's proxy then try to connect to the web application you will be testing. If you cannot connect to it then check your proxy settings again. You will need to check your browser's proxy settings, and also ZAP's proxy settings.
FIGURE 2.3: Paros proxy main window
7. In the Options window, select Dynamic SSL certificates, then click Generate to generate a certificate. Then click Save.
Active scanning attempts to find potential vulnerabilities by using known attacks against the selected targets. Active scanning is an attack on those targets. You should NOT use it on web applications that you do not own. It should be noted that active scanning can only find certain types of vulnerabilities. Logical vulnerabilities, such as broken access control, will not be found by any active or automated vulnerability scanning. Manual penetration testing should always be performed in addition to active scanning to find all types of vulnerabilities.
8. Save the certificate in the default location of ZAP. If the certificate already exists, replace it with the new one.
FIGURE 2.4: ZAP Options window, Dynamic SSL Certificates (Root CA certificate)
An alert is a potential vulnerability and is associated with a specific request. A request can have more than one alert.
9. Click OK in the Options window.
Anti-CSRF tokens are (pseudo) random parameters used to protect against Cross Site Request Forgery (CSRF) attacks. However they also make a penetration tester's job harder, especially if the tokens are regenerated every time a form is requested.
10. Your ZAP proxy server is now ready to intercept requests.
FIGURE 2.5: Saving the ZAP root CA certificate (owasp_zap_root_ca.cer)
FIGURE 2.7: ZAP main window (Untitled Session - OWASP ZAP)
11. Launch any web browser; in this lab we are using the Chrome browser.
12. Your VM workstation should have Chrome version 22.0 or later installed.
13. Change the Proxy Server settings in Chrome by clicking the Customize and control Google Chrome button, and then click Settings.
ZAP detects anti-CSRF tokens purely by attribute names; the list of attribute names considered to be anti-CSRF tokens is configured using the Options Anti CSRF screen. When ZAP detects these tokens it records the token value and which URL generated the token.
FIGURE 2.8: Chrome menu with the Settings item
14. On the Google Chrome Settings page, click the Show advanced settings... link at the bottom of the page, and then click the Change proxy settings... button.
ZAP provides an Application Programming Interface (API) which allows you to interact with ZAP programmatically. The API is available in JSON, HTML and XML formats. The API documentation is available via the URL http://zap/ when you are proxying via ZAP.
FIGURE 2.9: Chrome Settings page with the Change proxy settings... button
15. In the Internet Properties window, click Connections and click LAN Settings.
FIGURE 2.10: IE Internet Options window with Connections tab
16. Check Use a proxy server for your LAN, type 127.0.0.1 in the Address field, enter 8080 in the Port field, and click OK.
Click OK several times until all configuration dialog boxes are closed.
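The values that steps 11 to 16 change by hand live in the current user's Internet Settings registry key, and they are the same values a proxy-changing Trojan (the lab's second objective) rewrites to route a victim's browsing through an attacker's proxy. The following is an added example written for this page, not code from the CEH manual or ZAP: an audit of those values against an approved-proxy list. The policy set APPROVED_PROXIES, the LAB_SETTINGS sample and the findings wording are constructed for the example; on Windows the live values are read through winreg, elsewhere the sample is used.

```python
"""Added example, not from the CEH manual: audit the Internet Settings proxy
values that steps 11 to 16 change by hand (and that a proxy-changing Trojan
rewrites). APPROVED_PROXIES and LAB_SETTINGS are constructed for the example."""
import re

# Where Internet Options stores the LAN proxy settings (per user).
INTERNET_SETTINGS = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings"

# Assumed policy: the only proxy the workstation should ever be pointed at.
APPROVED_PROXIES = {"proxy.corp.example:3128"}

_ENTRY = re.compile(r"^(?:(?P<scheme>https?|ftp|socks)=)?(?P<host>[^:;=\s]+)(?::(?P<port>\d+))?$")


def parse_proxy_server(value: str) -> dict:
    """ProxyServer is either "host:port" (all protocols, key '*') or a
    ';'-separated list such as "http=h1:3128;https=h2:3129"."""
    parsed = {}
    for entry in value.split(";"):
        m = _ENTRY.match(entry.strip())
        if m:
            parsed[m.group("scheme") or "*"] = f"{m.group('host')}:{m.group('port') or '80'}"
    return parsed


def audit_proxy_settings(values: dict) -> list:
    """Findings for a dict of ProxyEnable / ProxyServer / AutoConfigURL values;
    an empty list means the settings match policy."""
    findings = []
    if int(values.get("ProxyEnable", 0)) == 1:
        for scheme, target in parse_proxy_server(values.get("ProxyServer", "")).items():
            if target not in APPROVED_PROXIES:
                findings.append(f"unapproved {scheme} proxy {target}")
    if values.get("AutoConfigURL"):
        # A PAC URL routes traffic by script and is a common malware trick.
        findings.append(f"PAC script configured: {values['AutoConfigURL']}")
    return findings


def read_live_settings() -> dict:
    """Read the real values on Windows; returns {} on other platforms."""
    try:
        import winreg
    except ImportError:
        return {}
    values = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, INTERNET_SETTINGS) as key:
        for name in ("ProxyEnable", "ProxyServer", "AutoConfigURL"):
            try:
                values[name] = winreg.QueryValueEx(key, name)[0]
            except FileNotFoundError:
                pass
    return values


# Constructed sample: what steps 11 to 16 leave behind (ZAP on 127.0.0.1:8080).
LAB_SETTINGS = {"ProxyEnable": 1, "ProxyServer": "127.0.0.1:8080"}

if __name__ == "__main__":
    for finding in audit_proxy_settings(read_live_settings() or LAB_SETTINGS):
        print("FINDING:", finding)
```

Run on the lab VM after step 16 it reports the 127.0.0.1:8080 proxy as unapproved, which is exactly the signal a defender wants when the change was made by a Trojan rather than by the tester. Remember to undo the proxy setting when the lab is finished.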
It should be noted that there is minimal security built into the API, which is why it is disabled by default. If enabled then the API is available to all machines that are able to use ZAP as a proxy. By default ZAP listens only on 'localhost' and so can only be used from the host machine.
The API provides access to the core ZAP features such as the active scanner and spider. Future versions of ZAP will increase the functionality available via the API.
FIGURE 2.11: IE Internet Options window with Proxy Settings window
17. Click Set break on all requests and Set break on all responses to trap all the requests and responses from the browser.
FIGURE 2.12: ZAP main window with the break buttons
18. Now navigate to the Chrome browser, and open www.bing.com.
19. Start a search for "Cars."
20. Open ZAP, which shows the first trapped incoming web traffic.
21. Observe the first few lines of the trapped traffic in the trap window, and keep clicking Submit and step to next request or response until you see cars in the GET request in the Break tab, as shown in the following screenshot.
TASK 2: Hijacking Victim's Session
ZAP allows you to try to brute force directories and files. A set of files are provided which contain a large number of file and directory names.
A breakpoint allows you to intercept a request from your browser and to change it before it is submitted to the web application you are testing. You can also change the responses received from the application. The request or response will be displayed in the Break tab, which allows you to change disabled or hidden fields, and will allow you to bypass client-side validation (often enforced using JavaScript). It is an essential penetration testing technique.
GET http://www.bing.com/search?q=Cars&go=&qs=n&form=QBLH&filt=all&pq=cars&sc=0-0&sp=-1&sk= HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://www.bing.com/
FIGURE 2.6: ZAP Break tab with the trapped GET request
22. Now change the query text from Cars to Cakes in the GET request.
GET http://www.bing.com/search?q=Cakes&go=&qs=n&form=QBLH&filt=all&pq=Cakes&sc=0-0&sp=-1&sk= HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
23. Click Submit and step to next request or response.
24. Search for the title in the Response pane and replace Cakes with Cars as shown in the following figure.
Filters add extra features that can be applied to every request and response. By default no filters are initially enabled. Enabling all of the filters may slow down the proxy. Future versions of the ZAP User Guide will document the default filters in detail.
Fuzzing is configured using the Options Fuzzing screen. Additional fuzzing files can be added via this screen or can be put manually into the "fuzzers" directory where ZAP was installed; they will then become available after restarting ZAP.
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Mon, 15 Oct 2012 12:30:19 GMT
...
<title>cakes - Bing</title>
FIGURE 2.7: ZAP Response pane, with the <title> changed from "cakes - Bing" to "cars - Bing"
25. In the same Response pane, replace Cakes with Cars as shown in the following figure at the value shown.
[Screenshot: OWASP ZAP Response pane with the search value in the trapped Bing response body edited]
This functionality is based on code from the OWASP JBroFuzz project and includes files from the fuzzdb project. Note that some fuzzdb files have been left out as they cause common antivirus scanners to flag them as containing viruses. You can replace them (and upgrade fuzzdb) by downloading the latest version of fuzzdb and expanding it in the 'fuzzers' library.
Ethical Hacking and Countermeasures Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.
CEH Lab Manual Page 727
[Screenshot: OWASP ZAP Response pane showing the modified Bing response body after the trap edit]
FIGURE 2.8: Paros with modified trap option content
This tool keeps track of the existing HTTP Sessions on a particular Site and allows the Zaproxy user to force all requests to be on a particular session. Basically, it allows the user to easily switch between user sessions on a Site and to create a new Session without "destroying" the existing ones.
Note: Here we are changing the text Cakes to Cars; the Bing search box shows Cars, whereas the results displayed are for Cakes.
26. Observe the Bing search web page displayed in the browser with the search query as "Cakes."
[Screenshot: Bing results page at www.bing.com/search?q=cars&go=&qs=n&form=QBLH&filt=all&pq=cars&sc=0, showing results for Cake (Wikipedia, the free encyclopedia)]
FIGURE 2.6: Search results window after modifying the content
27. That's it. You just forced an unsuspecting web browser to go to any page of your choosing.
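The edit in steps 25 to 27 works only because the lab traffic is plain HTTP, so the proxy can change the body in transit; what ZAP also does silently is recompute Content-Length, without which the browser would truncate or wait on the edited response. The following Python is an added example, not ZAP code; the response text is constructed to mirror the lab's Bing page.

```python
"""Trap-and-edit of an HTTP response, as in the lab, done by hand.

Added example (not ZAP code). The sample response is constructed.
"""


def build_response(body: bytes) -> bytes:
    """Constructed stand-in for the trapped Bing response of FIGURE 2.7."""
    return (b"HTTP/1.1 200 OK\r\n"
            b"Cache-Control: private, max-age=0\r\n"
            b"Content-Type: text/html; charset=utf-8\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n\r\n" + body)


def split_message(raw: bytes):
    """Split a raw HTTP/1.1 message into status line, header list and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip(), value.strip()))
    return lines[0], headers, body


def content_length_ok(raw: bytes) -> bool:
    """True when the declared Content-Length matches the actual body size."""
    _, headers, body = split_message(raw)
    declared = {n.lower(): v for n, v in headers}.get(b"content-length")
    return declared is not None and int(declared) == len(body)


def rewrite_response(raw: bytes, old: bytes, new: bytes) -> bytes:
    """Replace `old` with `new` in the body (the Cakes -> Cars edit of step 25)
    and fix Content-Length so the message stays well-formed."""
    status, headers, body = split_message(raw)
    new_body = body.replace(old, new)
    out = [status]
    for name, value in headers:
        if name.lower() == b"content-length":
            value = str(len(new_body)).encode()
        out.append(name + b": " + value)
    return b"\r\n".join(out) + b"\r\n\r\n" + new_body


SAMPLE = build_response(b'<title>Cakes - Bing</title><input name="q" value="Cakes">')

if __name__ == "__main__":
    naive = SAMPLE.replace(b"Cakes", b"Cars")      # edit without fixing the header
    print("naive edit well-formed:", content_length_ok(naive))        # False
    print("proxy edit well-formed:", content_length_ok(rewrite_response(SAMPLE, b"Cakes", b"Cars")))  # True
```

Over TLS an on-path proxy cannot make this edit unless the browser trusts its certificate, which is why the lab needs the ZAP certificate listed under Lab Analysis.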
Lab Analysis
Analyze and document the results related to the lab exercise. Give your opinion on your target's security posture and exposure.
It is based on the concept of Session Tokens, which are HTTP message parameters (for now only Cookies) which allow an HTTP server to connect a request message with any previous requests or data stored. In the case of Zaproxy, conceptually, session tokens have been classified into 2 categories: default session tokens and site session tokens. The default session tokens are the ones that the user can set in the Options Screen and are tokens that are, by default, automatically considered session tokens for any site (e.g. phpsessid, jsessionid, etc.). The site session tokens are a set of tokens for a particular site and are usually set up using the popup menus available in the Params Tab.
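The classification above, as an added Python example that is not ZAP's implementation: Set-Cookie headers are sorted into default session tokens, site session tokens and other cookies, and each session token is checked for the Secure and HttpOnly flags that limit the cookie theft described in the lab scenario. The default list beyond phpsessid and jsessionid, the site token name and the sample headers are assumptions.

```python
"""Classify Set-Cookie headers into ZAP-style default/site session tokens
and flag session cookies that lack Secure or HttpOnly.

Added example, not ZAP code. Names beyond phpsessid/jsessionid are assumed.
"""

# The page names phpsessid and jsessionid; the other entries are assumptions.
DEFAULT_SESSION_TOKENS = {"phpsessid", "jsessionid", "asp.net_sessionid", "sessionid"}

# Constructed sample response headers (not captured traffic).
SAMPLE_HEADERS = [
    ("Set-Cookie", "JSESSIONID=abc123; Path=/; Secure; HttpOnly"),
    ("Set-Cookie", "bingtok=xyz; Path=/"),
    ("Set-Cookie", "lang=en; Path=/"),
    ("Content-Type", "text/html; charset=utf-8"),
]


def parse_set_cookie(value: str):
    """Return (name, value, attrs) for one Set-Cookie header value."""
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return name.strip(), cookie_value, attrs


def classify_cookies(headers, site_tokens=()):
    """Label each cookie as 'default', 'site' or 'other' and record its flags."""
    site = {t.lower() for t in site_tokens}
    report = []
    for hname, hvalue in headers:
        if hname.lower() != "set-cookie":
            continue
        name, _, attrs = parse_set_cookie(hvalue)
        low = name.lower()
        kind = "default" if low in DEFAULT_SESSION_TOKENS else "site" if low in site else "other"
        report.append({"name": name, "kind": kind,
                       "secure": "secure" in attrs, "httponly": "httponly" in attrs})
    return report


def weak_session_cookies(headers, site_tokens=()):
    """Session tokens readable by script (no HttpOnly) or sent in clear (no Secure)."""
    return [c["name"] for c in classify_cookies(headers, site_tokens)
            if c["kind"] != "other" and not (c["secure"] and c["httponly"])]


if __name__ == "__main__":
    for cookie in classify_cookies(SAMPLE_HEADERS, site_tokens=["bingtok"]):
        print(cookie)
    print("weak:", weak_session_cookies(SAMPLE_HEADERS, site_tokens=["bingtok"]))  # ['bingtok']
```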
Tool/Utility: Zed Attack Proxy
Information Collected/Objectives Achieved:
■ SSL certificate to hack into a website
■ Redirecting the request made in Bing
PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.
Questions
1. Evaluate each of the following Paros proxy options:
a. Trap Request
b. Trap Response
c. Continue Button
d. Drop Button
Internet Connection Required
☑ Yes □ No
Platform Supported
☑ Classroom □ iLabs