Wednesday, 18 January 2017

Session Hijacking (MITM for cookies-side jacking)

Session Hijacking (Cookie Hijacking) using Ettercap, Ferret and Hamster



 Steps and instructions - 


Hey guys whats up -

We will do a Session Hijacking today.... 

First we want to know what is this process ???

Session Hijacking aka Cookie Hijacking - In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session. Sometimes also called a session key is to gain unauthorized access to information or services in a computer system.

Requirements to conduct this penetration testing - 

* Kali Linux
*Inbuilt tools in Kali - Ettercap, Ferret and Hamster.
*A target machine.

Lets do this - 

* Set up Man In The Middle Attack vectors (Tools needed to do this hack)

* Run Ettercap - open a terminal and type "ettercap -G"

This will give us a graphical interface for ettercap tool 


It will give you a graphical interface like this 


Now select sniff from the menu 
And select Unisniff 


Then you have to select the network interface. Mine is eth0. If you don't know you default interface, open another terminal and type in "ifconfig". This will show you your interfaces. 


Now from the menu again select "hosts"
And "select scan for hosts"


It will scan for hosts in the network and give results at the bottom


Now select "Mitm"
And "ARP poisoning" from the sub menu


It will show you an option tab. Make sure the first option is check marked ie "sniff remote connections"


Just start the sniffing process from the start menu at the top





Now the ettercap is setup. Just minimize it and open a new terminal.

Now we want to run Ferret tool.

So say "ferret -i eth0" inside the new terminal and hit enter.


Just minimize this tool as it will do its work.

Now we want to run Hamster.

Open another terminal and type in "hamster"


This will listen to the loopback IP ie 127.0.0.1 and port 1234.

Great, now we will open IceWeasle browser and in the URL tab enter the loopbak IP and port number ie 127.0.0.1:1234



This will open a web interface for Hamster. 

Now we need to set the adapters. At the top we get an option as 'adapters'. Set it to eth0 by clicking on it.


After some time, you will get some IP addresses at the bottom of the page. One of them is your target IP address. 



I have a windows machine running in my network. Which is my target system. Lets check the IP address if it has been detected.


Yes it has detected. Now click on that IP address in the Hamster web interface to see the cookies and sessions.

(I will open a browser in the target machine to see if Kali gets to sniff the home URL)


This will be showed after you click on the IP. Some cookies. Click on a cookie to see what the target is using or doing in the network.


Note that I had opened a browser (internet explorer) and it is showing the URl which it has opened.

You will get a lot of cookies. They are the sessions in which the target is into.

If the target is using chat websites, you can take a peek inside their messages. 

Ok guys, thanks for reading the tutorial. 

Have a safe hack.


You may want to see my other tutorials - 

















Posted by at
Labels:

8 comments:

  1. Harinderpreet Singh31 January 2017 at 06:30

    dude can get password [router hacking]

    ReplyDelete
    Replies
    1. Sai31 January 2017 at 06:38

      i am on making a tutorial on hacking random home routers. wait for it to come. the topic is pretty awesome

      Delete
  2. Anonymous12 November 2017 at 05:30

    Hi do you set both of your kali and windows 7 to host only mode ?

    ReplyDelete
  3. Unknown6 December 2017 at 05:14

    Hello guys. I am new with linux and i am getting this error whenever i run this. hamster execle(ferret) no such file or directory.

    The hamster and ferret exec are both in the usr/applications dir . Tried creating a symlink but command is not working. Can you please advise what i should try.

    ReplyDelete
  4. Anonymous9 February 2018 at 13:35

    i have tried everything to get ferret in kali, but nothing is working. Can anyone help?

    ReplyDelete
  5. damion1 August 2019 at 03:35

    AD0-E200 Dumps - Examcollection AD0-E200 Dumps July 2019 included explanatory notes, labs and Multiple choice question answers that will provide you most comprehensive

    ReplyDelete
  6. Leads Seller22 July 2020 at 13:44

    Hey Guys !

    USA Fresh & Verified SSN Leads with DL Number AVAILABLE with 99.9% connectivity
    All Leads have genuine & valid information

    **HEADERS IN LEADS**
    First Name | Last Name | SSN | Dob | DL Number | Address | City | State | Zip | Phone Number | Account Number | Bank Name | Employee Details | IP Address

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If anyone buy in bulk, we can negotiate
    *Sampling is just for serious buyers

    ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
    ->$5 PER EACH

    ->Hope for the long term deal
    ->Interested buyers will be welcome

    **Contact 24/7**
    Whatsapp > +923172721122
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete
  7. caris6 December 2020 at 23:59

    https://www.guest-articles.com/others/300-810-implementing-cisco-collaboration-applications-clica-07-12-2020

    ReplyDelete

Subscribe to: Post Comments (Atom)