Create an Account
username: password:
 
  MemeStreams Logo

RE: Surf Jacking

search


RE: Surf Jacking
by kuza55 at 6:01 am EDT, Aug 15, 2008

Acidus wrote:
If you can hijack network sessions HTTP cookie theft is a fairly tame thing to do. For example, just MITM a victim when they first try to connect to the secure site. 99.5% of users ignore broken SSL certs anyway. And this works against site's with rotating session ids where surf jacking would not.

It is fairly tame, but the tool is very nice and easy to use, and while it's a well known issue it's always nice to be able to pull out an easy-to-use tool when nothing else is working and your victim is somewhat security concious.

RE: Surf Jacking


 
 
Powered By Industrial Memetics