Host-based Session Hijacking
¨Attacker can hijack a session on source or destination machine if he has super user privileges on that machine
¨Highjacking tool allows attacker to interact with the local terminal devices (tty)
¨Attacker can read all session information from victim’s tty
¨Attacker can control victim’s tty by injecting keystrokes into the tty
¨Host-based session hijacking preferable to network-based session hijacking if target machine is already compromised