Description: This video demonstrates a popular Man-In-The-Middle attack known as "Session Hijacking". After "arpspoofing" our victim's machine and redirecting their web traffic to an interception proxy we can monitor the Authentication Cookies used to establish their encrypted HTTPS session. Once we capture the cookies we simply apply them to our own browser and we can now impersonate that user on the target web server. Even when using Multi-Factor Authentication!
http://www.pentestgeek.com
Tags: "Session Hijacking" , "Arp Spoofing" , "Burp" , "Hacking" , "Hack" , "Hacker" ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.