会话劫持

了解对web应用程序页和控件的最高威胁，包括代码注入、信息泄漏、会话劫持、身份欺骗、参数操作和网络监听。

Understand the top threats to web application pages and controls , including code injection , information disclosure , session hijacking , identity spoofing , parameter manipulation , and network eavesdropping .

移动IPv6安全问题的关键是伪造的家乡地址和转交地址绑定可能导致会话劫持和拒绝服务攻击。

The key issue of mobile IPv6 security is as follows : false binding of home address and care-of address poses a potential for session hijacking and denial of service attacks .

本文主要讨论了借助ARP欺骗，实现的基于TCP协议的会话劫持技术的全过程及其防范措施。

In this paper were mainly discussed the process and the guard measure of session hijack technology which is based on ARP spoofing and TCP protocol .

该系统在802.1x增强性解决方案基础上，增加1台微机作为代理，对网络中的假冒接入点和混杂模式节点进行检测，以杜绝802.1x方案中的中间人攻击和会话劫持攻击。

On the basis of the enhanced resolution of 802.1x , the system adds a computer as the agent and detects the counterfeit accessing point and the promiscuous node in the network to prevent the intermediator and the conversation hijacking attack in the 802.1x .

不可靠路由会话劫持攻击分析与检测

Session hijack analysis and detecting in untrusted route

在此基础上，攻击者可以监听目标主机的通信，也可以篡改数据，进行会话劫持。

An attacker could monitor , tamper with data , and hijack a session on this basis .

当受到会话劫持攻击时，浏览器仍然会执行会话劫持代码，但是由于浏览器从未收到过会话信息，因此该信息不会被攻击者获取。

In case of a session hijacking attack , the browser will still execute the session hijacking code , but the session information will not be available since the browser never received it .

交换式网络下HTTP会话的劫持研究及其对策

HTTP Session Hijacking on Switch LAN and Its Countermeasures

这里举这些漏洞的三个例子，包括虚拟机逃逸、会话控制和劫持以及不安全或过时的加密。

Three examples of such vul ­ nerabilities are virtual machine escape , session riding and hijacking , and insecure or obsolete cryptography .