Replay attack

Replay attack

"Replay" attacks are "Man in the middle" attacks that involve intercepting data packets and replaying them, that is, resending them as is (with no decryption) to the receiving server.

As a result, depending on the context, the hacker can benefit from the user's rights. Imagine a scenario in which a client sends an encrypted user name and password to a server to log in. If a hacker intercepts the communication (using monitoring software) and replays the sequence, he will obtain the same rights as the user. If the system enables password modification, he could even replace it with another, depriving the user of his access.

Jean-François Pillou

CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jeff Pillou, founder of CCM reaches more than 50 million unique visitors per month and is available in 11 languages.

Learn more about the CCM team


Latest update on October 16, 2008 at 09:43 AM by Jean-François Pillou.

This document, titled "Replay attack," is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (