Session Hijacking (Cookie Hijacking) using Ettercap, Ferret and Hamster
Steps and instructions -
Hey guys whats up -
We will do a Session Hijacking today....
First we want to know what is this process ???
Session Hijacking aka Cookie Hijacking - In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session. Sometimes also called a session key is to gain unauthorized access to information or services in a computer system.
Requirements to conduct this penetration testing -
* Kali Linux
*Inbuilt tools in Kali - Ettercap, Ferret and Hamster.
*A target machine.
Lets do this -
* Set up Man In The Middle Attack vectors (Tools needed to do this hack)
* Run Ettercap - open a terminal and type "ettercap -G"
This will give us a graphical interface for ettercap tool
It will give you a graphical interface like this
Now select sniff from the menu
And select Unisniff
Then you have to select the network interface. Mine is eth0. If you don't know you default interface, open another terminal and type in "ifconfig". This will show you your interfaces.
Now from the menu again select "hosts"
And "select scan for hosts"
It will scan for hosts in the network and give results at the bottom
Now select "Mitm"
And "ARP poisoning" from the sub menu
It will show you an option tab. Make sure the first option is check marked ie "sniff remote connections"
Just start the sniffing process from the start menu at the top
Now the ettercap is setup. Just minimize it and open a new terminal.
Now we want to run Ferret tool.
So say "ferret -i eth0" inside the new terminal and hit enter.
Just minimize this tool as it will do its work.
Now we want to run Hamster.
Open another terminal and type in "hamster"
This will listen to the loopback IP ie 127.0.0.1 and port 1234.
Great, now we will open IceWeasle browser and in the URL tab enter the loopbak IP and port number ie 127.0.0.1:1234
This will open a web interface for Hamster.
Now we need to set the adapters. At the top we get an option as 'adapters'. Set it to eth0 by clicking on it.
After some time, you will get some IP addresses at the bottom of the page. One of them is your target IP address.
I have a windows machine running in my network. Which is my target system. Lets check the IP address if it has been detected.
Yes it has detected. Now click on that IP address in the Hamster web interface to see the cookies and sessions.
(I will open a browser in the target machine to see if Kali gets to sniff the home URL)
This will be showed after you click on the IP. Some cookies. Click on a cookie to see what the target is using or doing in the network.
Note that I had opened a browser (internet explorer) and it is showing the URl which it has opened.
You will get a lot of cookies. They are the sessions in which the target is into.
If the target is using chat websites, you can take a peek inside their messages.
Ok guys, thanks for reading the tutorial.
Have a safe hack.
You may want to see my other tutorials -