Overview#
Replay attack (also known as playback
exploit) is a form of network
exploit in which a valid data transmission is maliciously or fraudulently repeated or delayed.
Replay attack is carried out either by the originator or by an Attacker who intercepts the data and re-transmits it, possibly as part of a masquerade attack by IP packet substitution.
Suppose
Alice wants to prove her identity to
Bob.
Bob requests her
password as
proof of identity, which
Alice dutifully provides (possibly after some transformation like a hash function); meanwhile,
Eve is eavesdropping on the conversation and keeps the
password (or the hash). After the interchange is over,
Eve (posing as
Alice) connects to
Bob; when asked for a
proof of identity,
Eve sends
Alice's password (or hash) read from the last session, which
Bob accepts thus granting access to
Eve.
There might be more information for this subject on one of the following: