Results 1 to 10 of 28

Thread: Backtrack Series - 12: Session Hijacking for Secure Websites

Hybrid View

  1. #1
    Junior Member
    Join Date
    Feb 2010
    Posts
    38

    Default Backtrack Series - 12: Session Hijacking for Secure Websites

    In this tutorial we will hijack a live session so that we can have the same priviliges of the account without having any information about the username and password. We will start by redirecting the secure traffic to an insecure server using SSLStrip, next we use ferret to extract cookies from the traffic and then we will use hamster to inject the cookies in the browser

    This is the link for the online video:
    Online Video

    And here you can find the required files (video12.txt which has the complete explanation)
    Attachments

  2. #2
    Just burned his ISO
    Join Date
    Jun 2009
    Posts
    5

    Default

    can you put that modified Roguev3.sh ? please

    and thanks it's good series i love it :*

  3. #3
    Junior Member
    Join Date
    Feb 2010
    Posts
    38

    Default

    Quote Originally Posted by imaginary View Post
    can you put that modified Roguev3.sh ? please

    and thanks it's good series i love it :*
    It's available in the attachments of my previous tutorial
    Backtrack Series 11: Retrieving Forum Passwords Using MITM + Rcrack

    Thnx for the support

  4. #4

    Default

    Another great video!
    Good quality and great content.
    Thank you, looking to try this soon. As mentioned in the other post also looking forward to more, keep up the great work.
    15" MBP 8 gigs o ram 256 gig SSD in drivebay + 256 gig 5400 HD
    1000HE EEE 30 gig SSD 2 gigs Ram

  5. #5

    Default

    *YEY*
    Another vid for the backtrack series!
    Will give it a go myself some stage tomorrow!
    Well done && thanks! (=

    edit:
    Work well for me (=

    Download the video [HD] (with the guide & Roguev3.sh)
    http://www.mediafire.com/download.php?gyunjtyzmmu
    ~ Have you, g0tmi1k? ~
    :rolleyes: <(^^,)> :p d[-_^]b (= =D-->--< :eek:

  6. #6
    Just burned his ISO imported_K1LLb0x's Avatar
    Join Date
    Jun 2009
    Posts
    5

    Default

    wow, your videos are awesome, keep up the good work and keep on using different programs...

  7. #7
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    10

    Default

    I appreciate the tutorial, but as of yet I've been unable to get it working. Rather than using a rouge AP, I've just been using MITM/arp spoofing to direct packets to Ferret/Hamster. Hamster gets targets to clone and lists the links, but the links don't seem to work properly. The pages load, but I don't seem to be getting the hijacked permissions... gmail and yahoo mail both just load the login pages.

    Does it matter that I'm using arp spoofing to get the packets rather than a rogue ap?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •