Backtrack Series - 12: Session Hijacking for Secure Websites

[fifo_thekid]

In this tutorial we will hijack a live session so that we can have the same priviliges of the account without having any information about the username and password. We will start by redirecting the secure traffic to an insecure server using SSLStrip, next we use ferret to extract cookies from the traffic and then we will use hamster to inject the cookies in the browser

This is the link for the online video:
Online Video

And here you can find the required files (video12.txt which has the complete explanation)
Attachments

[imaginary]

can you put that modified Roguev3.sh ? please

and thanks it's good series i love it :*

[fifo_thekid]

can you put that modified Roguev3.sh ? please

and thanks it's good series i love it :*

It's available in the attachments of my previous tutorial
Backtrack Series 11: Retrieving Forum Passwords Using MITM + Rcrack

Thnx for the support

[freemymind]

Another great video!
Good quality and great content.
Thank you, looking to try this soon. As mentioned in the other post also looking forward to more, keep up the great work.

[imported_g0tmi1k]

*YEY*
Another vid for the backtrack series!
Will give it a go myself some stage tomorrow!
Well done && thanks! (=

edit:
Work well for me (=

Download the video [HD] (with the guide & Roguev3.sh)
http://www.mediafire.com/download.php?gyunjtyzmmu

[imported_K1LLb0x]

wow, your videos are awesome, keep up the good work and keep on using different programs...

[TheBrotherOf]

I appreciate the tutorial, but as of yet I've been unable to get it working. Rather than using a rouge AP, I've just been using MITM/arp spoofing to direct packets to Ferret/Hamster. Hamster gets targets to clone and lists the links, but the links don't seem to work properly. The pages load, but I don't seem to be getting the hijacked permissions... gmail and yahoo mail both just load the login pages.

Does it matter that I'm using arp spoofing to get the packets rather than a rogue ap?