Session Hi-jack Testing
So I've been doing a lot of different security testing exercises and was wanting to get in some better session hijacking practice than the very stripped down labs that we used in my CEH course. I was wondering if it is illegal to perform a session hi-jacking attack against your own session with a third party. My immediate thoughts were, "its my session that i'm hi-jacking so...no harm, no foul." But its obviously a grey area, just given the fact that there is a third party involved. So just curious if anyone knows if this actually is illegal. Thanks.