312-50V10 · Question #753
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?
The correct answer is B. TCP. TCP uses 32-bit sequence numbers to maintain session state, making it the target protocol for session hijacking attacks that rely on sequence number prediction.
Question
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?
Options
- AICMP
- BTCP
- CUPX
- DUPD
How the community answered
(61 responses)- A3% (2)
- B87% (53)
- C2% (1)
- D8% (5)
Why each option
TCP uses 32-bit sequence numbers to maintain session state, making it the target protocol for session hijacking attacks that rely on sequence number prediction.
ICMP is a diagnostic and error-reporting protocol that does not maintain stateful sessions with exploitable sequence numbers.
TCP (Transmission Control Protocol) maintains stateful connections using sequence numbers to track packet order and acknowledge delivery. In a man-in-the-middle or session hijacking attack, an attacker predicts or sniffs these sequence numbers to inject crafted packets into an established session. This exploit, known as TCP session hijacking, directly abuses the sequence numbering mechanism defined in the TCP specification.
UPX is a binary file compressor and packer utility, not a network protocol, and is entirely unrelated to man-in-the-middle attacks.
UDP is connectionless and stateless, meaning it does not use sequence numbers to maintain session state, so session hijacking via sequence number prediction does not apply.
Concept tested: TCP sequence number prediction for session hijacking
Source: https://www.rfc-editor.org/rfc/rfc9293
Topics
Community Discussion
No community discussion yet for this question.