Discuss control hijacking in computer security.

Control hijacking in computer security is a type of attack where an unauthorized party takes control of a communication or established connection. This is often referred to as a man-in-the-middle attack. Here’s a simplified breakdown:

Overview:

  • Control hijacking involves an attacker seizing control of an ongoing communication.

Method:

  • The attacker intercepts messages, like those in a public key exchange, and retransmits them with their own alterations, making it seem like the two parties are still communicating directly.

Impersonation:

  • The attacker can use a program that looks like the server to the client and appears as the client to the server.

Objectives:

  • The attacker’s goal can be to gain access to messages or modify them before retransmitting.

Goals of Control Hijacking:

  • a. Take Over the Target Machine:
    • For example, seizing control of a web server.
  • b. Execute Arbitrary Code:
    • By manipulating application control flow, the attacker aims to run their own code on the target.

Types of Control Hijacking:

  • a. Buffer Overflow Attacks:
    • Exploiting programs that accept more data into a buffer than it can hold, which overwrites adjacent memory and leads to control takeover.
  • b. Integer Overflow Attacks:
    • Manipulating integer values to overflow their allotted size, potentially causing unexpected behavior and control compromise.
  • c. Format String Vulnerabilities:
    • Exploiting vulnerabilities related to how programs handle format specifiers in input, which can lead to control hijacking.
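The three types above, each shown as the check that prevents it. This is an added example, not part of the original answer; the function names `safe_copy`, `checked_size` and `format_untrusted` are hypothetical, and the inputs in `main` are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Buffer overflow: strcpy(dst, src) writes past dst when src is longer.
 * Hardened form: check the length first and reject oversized input. */
int safe_copy(char *dst, size_t dst_len, const char *src)
{
    size_t n = strlen(src);
    if (dst_len == 0 || n >= dst_len)
        return -1;                 /* would not fit with the terminating NUL */
    memcpy(dst, src, n + 1);
    return 0;
}

/* Integer overflow: count * elem can wrap around to a small value, so a
 * later allocation is too small for the data written into it.
 * Hardened form: detect the wrap before multiplying. */
int checked_size(size_t count, size_t elem, size_t *out)
{
    if (elem != 0 && count > SIZE_MAX / elem)
        return -1;                 /* product does not fit in size_t */
    *out = count * elem;
    return 0;
}

/* Format string: printf(input) lets specifiers inside input be interpreted.
 * Hardened form: a constant format string; input is only ever data. */
int format_untrusted(char *out, size_t out_len, const char *input)
{
    return snprintf(out, out_len, "%s", input);
}

int main(void)
{
    char buf[8], line[32];
    size_t total;
    /* Constructed sample inputs. */
    printf("short copy: %d\n", safe_copy(buf, sizeof buf, "admin"));
    printf("long copy:  %d\n", safe_copy(buf, sizeof buf, "AAAAAAAAAAAAAAAA"));
    printf("size wrap:  %d\n", checked_size(SIZE_MAX / 2 + 1, 2, &total));
    format_untrusted(line, sizeof line, "%x.%x.%x");
    printf("formatted:  %s\n", line);
    return 0;
}
```

In each case the rejected input is refused before any memory is written, so the program's control flow never depends on attacker-supplied lengths or specifiers.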