You are the IT security administrator for a small corporate network. The HR director is concerned that an employee is doing some
thing sneaky on the company's employee portal and has authorized you to hijack his web session so you can investigate. Your task is to hijack a web session as follows:
a. On IT-Laptop, use Ettercap to sniff traffic between the employee's computer in Office1 and the gateway.
b. Initiate a man-in-the-middle attack to capture the session ID for the employee portal logon.
c. On Office1, log in to the employee portal on rmksupplies using Chrome and the following credentials: Username: bjackson Password:
d. On Office2, navigate to rmksupplies and use the cookie editor plug-in in Chrome to inject the session ID cookie. Verify that you hijacked the session.
