|
Brought to you by:
Suppliers of:
|
|
|
| |
Credit:
Juggernaut was written by: route at infonexus.com
It was first introduced on Phrack on-line magazine, issue 50.
You can find the original article here: http://westphila.net/mike/texts/Phrack50/P50-06.html
|
| |
Juggernaut is basically a network sniffer that can also be used to hijack TCP sessions. It runs on Linux and has a Trinux module as well (for more information about Trinux, read our article: Trinux, The Linux Security Toolkit)
Juggernaut can be activated to watch all network traffic on the local network, or can be set to listen for a special "token". For example, Juggernaut can be configured to wait for the login prompt, and then record the network traffic that follows (usually capturing the password). By doing so, this tool can be used to historically capture certain types of traffic by simply leaving the tool running for a few days, and then the attacker just has to pick up the log file that contains the recorded traffic. This is different than regular network sniffers that record all network traffic making the log files extremely huge (and thus easy to detect).
But the main feature of this program is its ability to maintain a connection database. This means an attacker can watch all the TCP based connection made on the local network, and possibly "hijack" the session. After the connection is made, the attacker can watch the entire session (for a telnet session, this means the attacker sees the "playback" of the entire session. This is like actually seeing the telnet window).
When an active session is watched, the attacker can performed some actions on that connection, besides passively watching it. Juggernaut is capable of resetting the connection (which basically means terminating it), and also hijacking the connection - allowing the attacker to insert commands in the session or even to completely take the session into his/her hands (resetting connection on the legitimate client).
|
| Subject:
|
Req:Technical informations |
Date: |
16 Mar. 2006 |
| From: |
pingsanthoshgmail.com |
Hi team ..
I am a network security enginner fresh to field..Plz provide me clear technical informations about hijacking ...Thanks in advance |
|
| Subject:
|
Technical informations |
Date: |
31 Mar. 2006 |
| From: |
fshzhj_521sina.com.cn |
| I am a network security engineer fresh to field..Plz provide me clear technical information about hijacking ...Thanks in advance |
|
| Subject:
|
HELP NEEDED |
Date: |
21 Jul. 2007 |
| From: |
jilboudyahoo.com |
what is the newest version of juggernaut for windows or linux?
any interesting tools for hijacking? I would like to know step by step how to penetrate an network ONCE YOU KNOW THE IP ADDRESS... |
|
|
|
|
|
|
