Ethical Hacking 简明教程
Ethical Hacking - TCP/IP Hijacking
TCP/IP Hijacking is when an authorized user gains access to a genuine network connection of another user. It is done in order to bypass the password authentication which is normally the start of a session.
In theory, a TCP/IP connection is established as shown below −
要挟持这个连接,有两个可能性−
To hijack this connection, there are two possibilities −
-
Find the seq which is a number that increases by 1, but there is no chance to predict it.
-
The second possibility is to use the Man-in-the-Middle attack which, in simple words, is a type of network sniffing. For sniffing, we use tools like Wireshark or Ethercap.
Example
攻击者监视网络上的数据传输,发现参与连接的两个设备的 IP。
An attacker monitors the data transmission over a network and discovers the IP’s of two devices that participate in a connection.
当黑客发现其中一个用户的 IP 时,他可以通过 DoS 攻击中断另一个用户的连接,然后通过欺骗已断开连接的用户的 IP 来恢复通信。
When the hacker discovers the IP of one of the users, he can put down the connection of the other user by DoS attack and then resume communication by spoofing the IP of the disconnected user.
Shijack
在实践中,最佳的 TCP/IP 劫持工具之一是 Shijack。它是使用 Python 语言开发的,你可以从下面的链接下载它 - https://packetstormsecurity.com/sniffers/shijack.tgz
In practice, one of the best TCP/IP hijack tools is Shijack. It is developed using Python language and you can download it from the following link − https://packetstormsecurity.com/sniffers/shijack.tgz
以下是 Shijack 命令的一个示例 -
Here is an example of a Shijack command −
root:/home/root/hijack# ./shijack eth0 192.168.0.100 53517 192.168.0.200 23
在这里,我们试图劫持两个主机之间的 Telnet 连接。
Here, we are trying to hijack a Telnet connection between the two hosts.
Hunt
Hunt 是另一个你可以用来劫持 TCP/IP 连接的流行工具。它可以从 - https://packetstormsecurity.com/sniffers/hunt/ 下载
Hunt is another popular tool that you can use to hijack a TCP/IP connection. It can be downloaded from − https://packetstormsecurity.com/sniffers/hunt/
