What Is Session Hijacking?
Next we look at Session Hijacking, a common form of attack aimed at users of social networks such as Facebook and of webmail services such as Gmail and Yahoo. Session Hijacking is an attack on the working session between a client and a server: the attacker steals the user's session identifier (in web applications usually a cookie) after the user has already authenticated to the server, and then takes control of that session. The attacker never needs the password; the server trusts whoever presents a valid session identifier, so a stolen identifier is as good as a login for as long as the session remains valid. A session is a connection between two machines on a network that is maintained by values such as the session lifetime, the browser's cookies, or a suitable token. You can review the introduction to sessions and the three-way handshake in the earlier chapters.
At the Black Hat conference in 2009 a hacker stunned the audience by demonstrating live how to break into the mailbox of a BBC reporter attending the conference and send mail from it in front of everyone in the hall. The security expert who gave that demonstration named the technique sidejacking, a term that does not appear in the CEH syllabus but which is a form of Session Hijacking.

A spoofing attack differs from a hijacking attack. In spoofing the attacker sniffs the data travelling from sender to receiver and then uses the information collected to forge an address (or simply reuses the stolen addresses) in order to get past the checks; the attacker starts a new connection under a borrowed identity. In hijacking, by contrast, the attacker breaks the victim's connection to the server after authentication has succeeded and then seizes that existing session in order to bypass the server's checks.
The Session Hijacking attack consists of the following three steps:

Finding the session: the attacker locates open sessions and calculates the sequence number of the next packet.

Desynchronizing the connection: the attacker sends TCP reset (RST) or FIN segments to force the connection to be re-established, closing the old session at the same time.

Injecting attack packets: the attacker now sends the server TCP segments whose sequence numbers have been calculated to match the session, so the server accepts them as the next legitimate data from the user under attack. At this point the attacker can, for example, post a message on the victim's own Wall using the victim's Facebook account.

Types of Session Hijacking

There are two types of Session Hijacking, active and passive. The main difference between them lies in how far the attacker interferes with the user's session on the network.
In active hijacking the attacker finds a session that is in progress and takes it over, using tools that calculate the sequence numbers of the packets in the TCP session. In passive hijacking, by contrast, the attacker only monitors and records everything the legitimate user sends; you can see that this is very close to sniffing, because it collects important user information such as login passwords, which can then be used to authenticate in later unauthorized accesses on a different session.

Three-Way Handshake

The main job of TCP at the transport layer of the OSI model is, as its name Transmission Control Protocol says, to deliver data reliably and in order. To do this TCP uses acknowledgement (ACK) segments together with sequence numbers.
Exploiting these numbers is one of the key points of TCP Session Hijacking, so to understand this attack you should review the basic concepts of the three-way handshake presented at the start of the course:

When a legitimate user opens a connection to a server, for example to Facebook to talk with friends or to Flickr to share photos with family, the user's machine sends a segment with the SYN flag set, requesting synchronization, together with an Initial Sequence Number (ISN). The Facebook or Flickr server receives this segment and replies with a segment that has the SYN flag set and carries the server's own ISN, plus the ACK flag with an acknowledgement number equal to the sender's ISN plus 1. Finally the legitimate user's machine answers with a segment that has the ACK flag set and an acknowledgement number equal to the server's ISN plus 1, and the session begins.
This connection can be closed when it times out because the network lags (is delayed), or it can be terminated when a segment with the FIN or RST flag set is received.

On receiving an RST the connection is torn down immediately and all subsequent segments are rejected; on receiving a FIN, segments already in flight are still accepted until the transfer completes, and only then does the connection end. Sending segments with the FIN or RST flag is the main method hijackers use to close the client's session with the server before taking control and acting as the legitimate client. Note that a receiver honours an RST only if its sequence number falls inside the current receive window, which is why the attacker must learn the sequence numbers before trying to reset the connection.

TCP is a connection-oriented protocol whose job is to reassemble the packets fragmented in transit into the original data. Each packet is therefore given a unique, ordered value called the sequence number (SN). TCP has no separate session identifier: a packet is matched to its connection by the source and destination addresses and ports it carries, and it is this pair of values, the 4-tuple plus the sequence number, that lets the receiver merge the packet stream back into the original data.
If the packets do not arrive in their original order, the sequence numbers let the receiver put them back in sequence. A system starts a TCP session by sending a segment with the SYN flag set; this synchronize packet carries the Initial Sequence Number (ISN). When the acknowledgement (ACK) segments of the handshake are exchanged, each side acknowledges the peer's ISN plus one. Note that this "plus one" applies only during the three-way handshake, because a SYN consumes one sequence number by itself; in ordinary data transfer the acknowledgement number advances by the amount of data received, so if 45 bytes of data are sent, the responding ACK carries the sequence number of the received segment plus 45.

Knowing this mechanism of the three-way handshake, hackers have built tools that can determine the sequence numbers of the packets: the attacker first sniffs the traffic between the two machines to learn the ISN and then computes the next value. This is not as simple as the description of the principle suggests, because packets move extremely fast; if the attacker cannot sniff the packets, the Session Hijacking attack cannot be carried out. For that reason most common Session Hijacking tools come with a sniffing component used to determine the SN.

Steps In The Session Hijacking Process

To carry out a Session Hijacking attack the attacker performs the following steps:

Tracking the session: in this step the attacker identifies the active sessions and works out the next SN of the packet.

Desynchronizing: the attacker closes the victim's connection in order to take over their whole session, either through DoS or by sending reset segments to the user's machine.

Sending packets with a valid SN inserted to the server: the attacker continues the connection as the user who has already authenticated.
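The handshake arithmetic and the attack steps above, as an added worked example (not code from the original text or from Juggernaut, Hunt or any other tool named here): a small model of two TCP endpoints with the sequence-number rules, a legitimate 45-byte transfer, a blind injection that misses the receive window, an injection using the sniffed value that the server accepts as the victim's next data, and the victim's own next segment being rejected afterwards, which is the desynchronized state. The ISNs (1000 and 5000), the window size and the payloads are constructed, and the window check is simplified as noted in the comments.

```python
"""Sequence-number accounting in a TCP connection and the window check an
injected segment must pass.  Added illustration, not code from the original
text or from any tool it names.  All numbers are constructed."""
from __future__ import annotations
from dataclasses import dataclass

MOD = 2 ** 32  # sequence numbers are 32-bit and wrap


@dataclass
class Endpoint:
    name: str
    snd_nxt: int          # next sequence number this side will send
    rcv_nxt: int = 0      # next sequence number expected from the peer
    rcv_wnd: int = 65535  # advertised receive window in bytes


def in_window(seq: int, rcv_nxt: int, rcv_wnd: int) -> bool:
    """RFC 793 acceptability test for the first byte of a segment (wrap-safe)."""
    return (seq - rcv_nxt) % MOD < rcv_wnd


def handshake(client: Endpoint, server: Endpoint) -> list[tuple[str, int, int | None]]:
    """Three-way handshake. SYN and SYN-ACK each consume one sequence number,
    which is why the handshake ACKs are ISN + 1 while data ACKs advance by length."""
    client_isn, server_isn = client.snd_nxt, server.snd_nxt
    syn = ("SYN", client_isn, None)
    client.snd_nxt = (client_isn + 1) % MOD
    server.rcv_nxt = client.snd_nxt
    syn_ack = ("SYN-ACK", server_isn, server.rcv_nxt)
    server.snd_nxt = (server_isn + 1) % MOD
    client.rcv_nxt = server.snd_nxt
    ack = ("ACK", client.snd_nxt, client.rcv_nxt)
    return [syn, syn_ack, ack]


def receive(receiver: Endpoint, seq: int, payload: bytes) -> str:
    """Receiver-side handling of one data segment: 'delivered', 'queued' or 'dropped'.
    Simplified: only the first byte is tested against the window; a real stack
    also accepts partially overlapping segments and (RFC 5961) answers an
    out-of-window segment with a challenge ACK instead of silently dropping it."""
    if not in_window(seq, receiver.rcv_nxt, receiver.rcv_wnd):
        return "dropped"
    if seq != receiver.rcv_nxt:
        return "queued"  # in window but not the next byte: held until the gap fills
    receiver.rcv_nxt = (seq + len(payload)) % MOD
    return "delivered"


def send_data(sender: Endpoint, receiver: Endpoint, payload: bytes) -> tuple[str, int, int]:
    """Legitimate transfer. Returns (status, seq used, ACK number the receiver answers with)."""
    seq = sender.snd_nxt
    status = receive(receiver, seq, payload)
    if status == "delivered":
        sender.snd_nxt = receiver.rcv_nxt
    return status, seq, receiver.rcv_nxt


def inject(receiver: Endpoint, guessed_seq: int, payload: bytes) -> str:
    """Attacker segment carrying the victim's (spoofed) addresses and a guessed
    sequence number. It is taken as the victim's next data only if the guess is
    exactly rcv_nxt, which is the value the sniffing step provides."""
    return receive(receiver, guessed_seq, payload)


def blind_guesses_expected(rcv_wnd: int = 65535) -> int:
    """Average number of guesses needed to land inside the window without sniffing."""
    return MOD // rcv_wnd


def demo() -> dict:
    """Handshake, one legitimate transfer, a blind and an informed injection, then
    the victim's own next segment being rejected: the connection is desynchronized."""
    client = Endpoint("client", snd_nxt=1000)
    server = Endpoint("server", snd_nxt=5000)
    result = {"handshake": handshake(client, server)}
    result["data_45"] = send_data(client, server, b"A" * 45)       # ACK = 1001 + 45 = 1046
    result["blind"] = inject(server, 123456, b"X")                # far outside the window
    result["informed"] = inject(server, server.rcv_nxt, b"POST /wall HTTP/1.1\r\n")
    result["victim_after"] = send_data(client, server, b"B" * 10)  # seq 1046 is now stale
    result["server_rcv_nxt"] = server.rcv_nxt
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

blind_guesses_expected() gives the order of magnitude of guessing without a sniffer (about 65 thousand attempts for a 64 KiB window, many more for a small one), which is why every tool the text lists pairs a sniffer with the injector. The victim's rejected segment in the last step also shows where the "ACK storm" of a TCP hijack comes from: the server keeps acknowledging a sequence number the real client has never sent, and the client keeps retransmitting.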
Session Hijacking Tools

Quite a few tools capable of Session Hijacking were developed in the past, such as Juggernaut, which sniffs TCP sessions on networks built around hubs, or Hunt, which can spoof MAC addresses through ARP spoofing, reset and monitor connections, and sniff the link.

Today many other powerful tools have been developed that let an attacker carry out Session Hijacking more easily.
Among them Burp Suite should be mentioned, an application on the current list of the top 125 security tools, which can modify data in transit, take over sessions, and intercept HTTPS by terminating TLS with its own CA certificate (one the client has been made to trust; it does not forge a real site's certificate). On wireless networks Firesheep (http://codebutler.github.com/firesheep/) is probably the best-known tool; released in October 2010, it is a Firefox add-on (Firefox 4 and later cannot install it) that lets an attacker easily sniff and steal the sessions of users visiting Facebook, Flickr and similar sites. To counter this add-on you can use another add-on called BlackSheep, which detects Firesheep running on the network; the real fix, however, is on the server side, because Firesheep only works on session cookies that are sent in the clear.

In addition, when training organizations in network security I also often mention an interesting application called Tamper Data, which hackers often use to change the parameters sent to the server; for example, when users play online games such as the farming game on Facebook or bird-shooting games, they can easily change their score to fool the game server.

The Dangers of Session Hijacking

A reporter for a well-known magazine spent a long time researching and writing an article about a case of great public interest, but as the article was about to go to press a great deal of news on the same subject appeared online, surprising the author himself, who could not understand how the information had leaked even though, he said, he had installed a full set of protection and anti-virus programs. The cause was that the reporter had carelessly used his computer in Wi-Fi cafés, where a hacker used Session Hijacking to break into his mailbox and take the important stories.

Therefore, in the role of a security professional or CEH, we need to teach users to avoid careless use of their computers in public (untrusted) environments, because Session Hijacking is very easy to carry out, and on wireless networks in particular the success rate is very high.
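What the attacker on the café Wi-Fi in the story above actually collects, and the server-side check that decides whether it matters, as an added example (not code from the original text, from Firesheep, or from any site named here). The captured request and response, the host name social.example and the cookie names sid and uid are constructed for the illustration; a real site uses different names and the attacker would read the bytes from a sniffer rather than from a constant.

```python
"""Sidejacking on cleartext HTTP: extract the session cookie from one sniffed
request, build the request that replays it, and audit the server's Set-Cookie
headers for the flag whose absence makes the replay possible.  Added example,
not from the original text; the traffic below is constructed."""
from __future__ import annotations

# Constructed capture: the payload of one TCP segment as a sniffer on a hub or
# open Wi-Fi sees it when the victim loads a page over plain HTTP.
CAPTURED_REQUEST = (
    b"GET /home.php HTTP/1.1\r\n"
    b"Host: social.example\r\n"
    b"User-Agent: Mozilla/5.0\r\n"
    b"Cookie: uid=10001234; sid=3a9f0c2b7e1d4f6a; locale=en_US\r\n"
    b"Connection: keep-alive\r\n"
    b"\r\n"
)

# Constructed response the server sent when that session was created.
CAPTURED_SET_COOKIE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Set-Cookie: sid=3a9f0c2b7e1d4f6a; path=/; HttpOnly\r\n"
    b"Set-Cookie: uid=10001234; path=/\r\n"
    b"Set-Cookie: csrf=9c1e2d; path=/; Secure; HttpOnly\r\n"
    b"Content-Length: 0\r\n\r\n"
)

# Cookie names assumed to carry the session on the (hypothetical) target site.
SESSION_COOKIE_NAMES = ("sid", "uid")


def parse_headers(raw: bytes) -> tuple[str, list[tuple[str, str]]]:
    """Split an HTTP message into its start line and lower-cased (name, value) pairs."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def extract_session(raw_request: bytes) -> dict[str, str]:
    """Pull the session cookies out of a sniffed request (the step Firesheep automates)."""
    _, headers = parse_headers(raw_request)
    found: dict[str, str] = {}
    for name, value in headers:
        if name != "cookie":
            continue
        for pair in value.split(";"):
            key, _, val = pair.strip().partition("=")
            if key in SESSION_COOKIE_NAMES:
                found[key] = val
    return found


def replay_request(host: str, path: str, session: dict[str, str]) -> bytes:
    """The request the attacker sends to act as the victim: same cookies, new client.
    No password is involved; the server only checks the session identifier."""
    cookie = "; ".join(f"{k}={v}" for k, v in session.items())
    return (f"GET {path} HTTP/1.1\r\nHost: {host}\r\n"
            f"Cookie: {cookie}\r\nConnection: close\r\n\r\n").encode()


def audit_set_cookie(raw_response: bytes) -> dict[str, list[str]]:
    """For each Set-Cookie, list the attributes it lacks. A cookie without `Secure`
    is also sent over plain HTTP, which is exactly what sidejacking relies on;
    `HttpOnly` is the companion flag that keeps scripts from reading it."""
    _, headers = parse_headers(raw_response)
    report: dict[str, list[str]] = {}
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].partition("=")[0]
        attrs = {p.split("=")[0].lower() for p in parts[1:]}
        report[cookie_name] = [a for a in ("secure", "httponly") if a not in attrs]
    return report


def sidejackable(report: dict[str, list[str]]) -> list[str]:
    """Session cookies the browser will send over plain HTTP, i.e. capturable by a sniffer."""
    return [n for n in SESSION_COOKIE_NAMES if "secure" in report.get(n, [])]


if __name__ == "__main__":
    session = extract_session(CAPTURED_REQUEST)
    print("stolen session:", session)
    print(replay_request("social.example", "/home.php", session).decode())
    print("cookie audit:", audit_set_cookie(CAPTURED_SET_COOKIE))
    print("sidejackable:", sidejackable(audit_set_cookie(CAPTURED_SET_COOKIE)))
```

The audit is the check to run on a site you are responsible for: serving the login page over HTTPS is not enough if the session cookie is then sent on every plain HTTP request, and the Secure attribute is what keeps the browser from sending it except over TLS. Encrypting the whole site removes the sniffer's view of the request entirely, which is the defence the prevention section below describes.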
In the information security training program for staff of the General Department of Customs I presented a sidejacking scenario to illustrate its impact, and when the trainees practised it in a real environment most of them reported success.

So How Do We Prevent Session Hijacking?

To avoid Session Hijacking we need to prevent sniffing: once the attacker cannot sniff, they cannot attack the user's session either. One of the solutions against sniffers is encryption, encrypting the channel with techniques such as Secure Shell (SSH in place of plain Telnet) for remote administration, or Secure Sockets Layer (SSL, used for communication over HTTPS). The encryption must cover every request that carries the session, not only the login page; a site that authenticates over HTTPS and then falls back to plain HTTP still exposes the session cookie on the very next request, which is precisely what the sidejacking tools above take advantage of.

Distinguishing Spoofing and Hijacking