Control hijacking in computer security is a type of attack where an unauthorized party takes control of a communication or established connection. This is often referred to as a man-in-the-middle attack. Here’s a simplified breakdown:
Overview:
- Control hijacking involves an attacker seizing control of an ongoing communication.
Method:
- The attacker intercepts messages, like those in a public key exchange, and retransmits them with their own alterations, making it seem like the two parties are still communicating directly.
Impersonation:
- The attacker can use a program that looks like the server to the client and appears as the client to the server.
Objectives:
- The attacker’s goal can be to gain access to messages or modify them before retransmitting.
Goals of Control Hijacking:
- a. Takeover Target Machine:
- For example, seizing control of a web server.
- b. Execute Arbitrary Code:
- By manipulating application control flow, the attacker aims to run their own code on the target.
Types of Control Hijacking:
- a. Buffer Overflow Attacks:
- Exploiting programs that allow more data into a space (buffer) than it can handle, leading to overwriting and control takeover.
- b. Integer Overflow Attacks:
- Manipulating integer values to overflow their allotted size, potentially causing unexpected behavior and control compromise.
- c. Format String Vulnerabilities:
- Exploiting vulnerabilities related to how programs handle format specifiers in input, which can lead to control hijacking.