Hi everyone,
my name is Prashanta and I have been experimenting with session hijacking on my own computers, using IIS 5.5 on Windows XP SP2.
I read up on session-id generation by IIS and found out that it encrypts the session-id. There is a counter and some random string that it puts together and then encrypts. If I could predict the session-id, then I could successfully hijack a session of my own web application. I do not want to look up the session-id in my browser because I am quite sure hackers will not come and look at my browser to find out my session-id.
Sniffing is also ineffectual because I am on a switch and not a hub so there is no broadcast. I have yet to try out ARP poisoning and the switch table overflow methods to sniff packets. But I am going to do so pretty soon.
Right now I am not using HTTPS, so if I manage to sniff the data it will work, but in real life I will be using HTTPS, so even that method will fail. Because of this, I am not interested in sniffing packets, as I will be using 128-bit encryption in real life and I do not think that can be broken easily.
So I was wondering, can session hijacking occur in a scenario where I am using 128-bit encryption for all communications between the client and server? Can session-ids of IIS 5.5 be predicted? Oh, and I also wanted to ask what algorithm IIS uses for encryption.
Thanks in advance,
Prashanta