Application-Based TCP Hijacking
The authors present application-based TCP hijacking (ABTH), a new attack on TCP applications that exploits flaws due to the interplay between TCP and application protocols to inject data into an application session without either server or client applications noticing the spoofing attack. Following the injection of a TCP packet, ABTH resynchronizes the TCP stacks of both the server and the client. To evaluate the feasibility and effectiveness of ABTH, the authors developed a tool that allows impersonating users of Windows Live Messenger in the matter of few seconds. Due to its generic nature, ABTH can be mounted on a variety of modern protocols for TCP-based applications.