Hacking Methods: Clickjacking, Session Hijacking and DNS Spoofing


Many hackers are real technology buffs with expertise in how computers typically work. Although there are those who enjoy programming and take it as a means to show off their abilities rather than harm others, there are also people who use hacking for malicious activities. Whether you are simply curious about which hacking methods are being used these days or you are looking for ways to protect yourself from attacks, knowing more about these complex hacking methods will benefit you one way or another.


  • Clickjacking. This is also commonly referred to as a UI redress attack. In this method, attackers use multiple opaque or transparent layers to trick users into clicking buttons or links that have been programmed to do something other than what the user expects. Attackers hijack clicks meant for one page and route them to another. The technique also applies to keystrokes: with carefully crafted combinations of text boxes, iframes and stylesheets, attackers can lead users to think they are typing a password into their email site, when in fact they are typing into invisible frames created and controlled by the attacker.

How to prevent clickjacking:

  • Disallow framing of your pages from any other domain.
  • Use defensive code in your UI to ensure that your page is only ever displayed as the top-level window, never inside someone else's frame.
  • Session Hijacking. This attack comes in two types:
    1. In Active Session Hijacking, attackers hijack the session while users are still logged on to their accounts or profiles. It is called active because the attacker has to interact with the victim in order to steal the session, for example through social engineering tactics such as emailing or private messaging.
    2. Passive Session Hijacking is different. This attack is carried out while users are still establishing a connection with their server. The attacker often just sits silently on the same network while recording the login credentials being typed in.

How to prevent session hijacking:

  • Encrypt data traffic transmitted between parties, particularly the session key.
  • Use long random numbers or strings for your session key.
  • Always regenerate your session ID right after logging in successfully.
  • Never forget to log out after your session.
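The session-handling advice above, as an added example that is not part of the original post: a minimal in-memory session store (constructed for illustration; a real application would use a persistent server-side store) that issues long random IDs, regenerates the ID at login so the pre-login ID stops working, and invalidates IDs on logout or after an idle timeout. The timeout value and the injectable clock are assumptions made for the example.

```python
import secrets
import time

SESSION_ID_BYTES = 32   # 256 bits of randomness: the "long random string" the text recommends
IDLE_TIMEOUT = 15 * 60  # seconds; constructed value for this example


class SessionStore:
    """Constructed in-memory session store; `now` is injectable so expiry can be tested."""

    def __init__(self, now=time.time):
        self._sessions = {}  # sid -> {"user": str | None, "last_seen": float}
        self._now = now

    def _new_id(self):
        # Cryptographically random, URL-safe, 43 characters for 32 bytes
        return secrets.token_urlsafe(SESSION_ID_BYTES)

    def create(self):
        """Anonymous session issued before login (e.g. to serve the login form)."""
        sid = self._new_id()
        self._sessions[sid] = {"user": None, "last_seen": self._now()}
        return sid

    def login(self, old_sid, user):
        """Regenerate the session ID at login: the pre-login ID is discarded, so an ID
        an attacker planted or observed before authentication never becomes authenticated."""
        self._sessions.pop(old_sid, None)
        sid = self._new_id()
        self._sessions[sid] = {"user": user, "last_seen": self._now()}
        return sid

    def user_for(self, sid):
        """Return the logged-in user for sid, or None if unknown, anonymous or idle too long."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        if self._now() - entry["last_seen"] > IDLE_TIMEOUT:
            self._sessions.pop(sid, None)  # expired: drop it so a late-captured ID is useless
            return None
        entry["last_seen"] = self._now()
        return entry["user"]

    def logout(self, sid):
        """Server-side invalidation, so a captured ID is useless after the user logs out."""
        return self._sessions.pop(sid, None) is not None
```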

  • DNS Spoofing. This is an attack where users are presented with fake DNS information: the server returns an incorrect IP address in response to user requests, forcing users onto fake or different sites.

How to prevent DNS spoofing:

  • Secure and update internal systems constantly.
  • Deploy intrusion detection and intrusion prevention systems.
  • Utilize DNSSEC. This is a security technology that allows only digitally signed DNS information to be published on DNS servers. It also helps prevent fake zone transfers, protecting the DNS servers themselves from being compromised.
