What Does Sidejacking Mean?
Sidejacking refers to the use of unauthorized identification credentials to hijack a valid Web session remotely in order to take over a specific Web server. Sidejacking attacks work by finding a cookie that is not protected by Secure Sockets Layer (SSL). The websites that usually get sidejacked are those where users type in a username and password. Websites that use SSL have less chance of being sidejacked, but if the webmasters neglect to authenticate the site itself through encryption, SSL use can be negated. Unsecured Wi-Fi hot spots are also vulnerable.
Sidejacking employs packet sniffing to read network traffic and steal a cookie. The data sent to the server or the Web pages viewed by the victim are captured, allowing the perpetrator to steal private information and impersonate the user for personal gain.
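A site owner can check for the exposure described above by auditing which cookies their responses would allow to travel without SSL. The following is an added example, not part of the original entry; the host `shop.example`, the cookie names and the sample responses are constructed for illustration, and the `Secure` cookie attribute it checks is a standard attribute the entry does not name.

```python
# Added example: flag cookies that a packet sniffer on the same network could capture.
from http.cookies import SimpleCookie

# Constructed sample data: (URL the response came from, its Set-Cookie header values)
SAMPLE_RESPONSES = [
    ("https://shop.example/login", ["SESSIONID=abc123; Path=/; HttpOnly"]),
    ("https://shop.example/account", ["SESSIONID=def456; Path=/; Secure; HttpOnly"]),
    ("http://shop.example/home", ["SESSIONID=ghi789; Path=/; Secure", "theme=dark; Path=/"]),
]


def audit_cookies(responses):
    """Return (url, cookie_name, reason) for every cookie exposed to sniffing."""
    findings = []
    for url, headers in responses:
        over_tls = url.lower().startswith("https://")
        for header in headers:
            jar = SimpleCookie()
            jar.load(header)  # parses the name=value pair and its attributes
            for name, morsel in jar.items():
                if not over_tls:
                    # The response itself was unencrypted, so the cookie
                    # value was already readable on the wire.
                    findings.append((url, name, "set over plain HTTP"))
                elif not morsel["secure"]:
                    # Set over SSL, but the browser will also attach it to
                    # later plain-HTTP requests to the same site.
                    findings.append((url, name, "missing Secure attribute"))
    return findings


if __name__ == "__main__":
    for url, name, reason in audit_cookies(SAMPLE_RESPONSES):
        print(f"{url}: cookie {name!r} {reason}")
```

The login response in the sample shows the case the entry warns about: the site uses SSL, yet the session cookie can still leak because it is not restricted to encrypted connections.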