Description:
This is the video of the talk titled "
Building a Blind TCP IP Hijacking Tool" given by Alex at
HITB 2009.
Presentation AbstractIn 2007 lkm released a paper in Phrack about how to perform Blind TCP/IP Hijacking by abusing the incremental IP ID information leak to conduct non-blind brute force attempts of TCP sequence and ACK numbers, however no tools have been released and this attack has been largely ignored by the security community, this talk will work around some non-reproducable results in the paper, expand on some non-explored areas (such as attacking users behind a NAT), and describe and release a working tool to perform this attack.
About Alex ‘kuza55’ KouzemtchenkoAlex Kouzemtchenko has been an active member of the web application security research community for the past several years, publishing several papers and has presented his findings at several conferences such as Bluehat, the Chaos Communications Congress, RUXCON, Power of Community and XCon. Alex is an Associate Consultant at stratsec where he gets paid to find new ways to break things and apply that work to consulting engagements.
Tags: fun ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: