Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Session Hijacking with Fern Wifi Cracker

  1. #1
    Senior Member savioboyz's Avatar
    Join Date
    Oct 2010
    Location
    Nigeria
    Posts
    118

    Default Session Hijacking with Fern Wifi Cracker

    Fern Cookie Hijacker is a new feature add in Fern Wifi Cracker 1.45 ,it is a wifi based session hijacking tool able to clone remote online web sessions by sniffing and capturing wireless cookie packets from remote hosts by intercepting reachable wireless signals. It is capable of decrypting WEP encrypted packets on the fly to process session cookies transmitted over the air.





    Fern cookie Hijacker comes with smart intergrated code to detect and intercept cookie packets, unlike some cookie detection engines fern cookie hijacker does not wait to collect complete cookie acknowledgement during the initial authentication process, but pulls cookies and associate them with their hosts as they are transmitted over the wireless connection, its also forges to correctness values that are not captured e.g (exipry,isSecure).

    Heres a video that demonstrates how it works:

    [REMOVED YOUTUBE VIDEO]


    The mozilla cookie Sqlite3 database "cookies.sqlite" is no easy task comminucating with, most language api's fail to commmunicate with them due to the fact that mozilla updates their format regularly, this means that and api that is 3.1.5 compliant might not work with a 3.1.6 sqlite database thereby rendering the languages sqlite binding useless at each update..
    Communicating with such database returns a deceptive "file is encrypted or is not a database" error. So i search over the internet for a reliable api but i could not find one, so i wrote this generic api by reverse engineering the mozilla firefox program using IDA Pro and OllyDBG,This platform independent api allows commuication with mozillas Sqlite databases by hooking into its DLL or SO objects (libmozsqlite3.so | mozsqlite3.dll) Hooking and using the DLL is important because using the python's sqlite3 library fails to communicate with the cookie database, and also as said earlier firefox changes its database format on each release. This api communicates with the cookie database no matter what changes are made.

    API Link:

    http://code.google.com/p/fern-wifi-c...cookie_core.py

    THIS VIDEO AND SOFTWARE PROGRAM ARE FOR FOR EDUCATIONAL PURPOSES (MITIGATION) ONLY. TESTING IT ON NETWORKS YOU ARE NOT AUTHORIZED TO TEST IS ILLEGAL
    Last edited by g0tmi1k; 11-16-2012 at 04:15 AM. Reason: Removed YOUTUBE video
    Saviour Emmauel Ekiko

  2. #2
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default Re: Session Hijacking with Fern Wifi Cracker

    Good work! Thank you for sharing with the community, I admire that.

    Cheers and keep it up!

  3. #3
    Member
    Join Date
    Dec 2011
    Posts
    86

    Default Re: Session Hijacking with Fern Wifi Cracker

    does the cookie hijacker work on just WEP or open networks as well?

  4. #4
    Senior Member savioboyz's Avatar
    Join Date
    Oct 2010
    Location
    Nigeria
    Posts
    118

    Default Re: Session Hijacking with Fern Wifi Cracker

    @snayler - Thank you

    @thad0ctor - You can use it on both WEP encrypted networks and open networks
    Saviour Emmauel Ekiko

  5. #5
    Member
    Join Date
    Jan 2010
    Posts
    54

    Default Re: Session Hijacking with Fern Wifi Cracker

    Carnt wait to try this thanks for the release

  6. #6
    Senior Member voidnecron's Avatar
    Join Date
    May 2010
    Posts
    132

    Default Re: Session Hijacking with Fern Wifi Cracker

    You're making it too easy ;-)
    "The difference between RAID1 and RAID0 is that the zero stands for how many files you're gonna have after a harddisk failure."

  7. #7
    Member
    Join Date
    Dec 2011
    Posts
    86

    Default Re: Session Hijacking with Fern Wifi Cracker

    how does the program determine which channel to sniff? can you please make it customizable

  8. #8
    Senior Member savioboyz's Avatar
    Join Date
    Oct 2010
    Location
    Nigeria
    Posts
    118

    Default Re: Session Hijacking with Fern Wifi Cracker

    Quote Originally Posted by thad0ctor View Post
    how does the program determine which channel to sniff? can you please make it customizable
    Sorry it took sometime before replying.. I have been having problems logging into my account recently.

    @Thad0ctor - The program listens to all channels in promiscuous mode, if a wep key is provided, the program attempts to decrypt all encrypted packets using that provided key

    @Deviney -

    @voidnecron - I had to make it as easy as possible for people to use .
    Last edited by savioboyz; 08-08-2012 at 05:42 AM.
    Saviour Emmauel Ekiko

  9. #9
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    6

    Default Re: Session Hijacking with Fern Wifi Cracker

    i was trying to use program when im conected on wpa2 ,and it is working and colecting cookie but in the moment conection break up and comes again ,then colectin stop ,so im asking is there an way to work when im connected on wpa2 ,
    or to acess on ap and turn off wpa2 ,when is open connection works good.
    thanks

  10. #10
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default Re: Session Hijacking with Fern Wifi Cracker

    after update my FERN
    I noticed the presence of the function ethernet.mode (Hijacker in Cookie Hijacker) ....
    is wonderful and works perfectly in my little lab ...!
    much appreciated!! thanks savioboyz!

Page 1 of 2 12 LastLast

Similar Threads

  1. Fern Wifi Cracker with Geographical Locatory Mac address Tracker
    By savioboyz in forum BackTrack 5 Experts Section
    Replies: 58
    Last Post: 11-30-2012, 08:42 PM
  2. Strange error with Fern Wifi cracker...
    By Nyk0n in forum BackTrack 5 Beginners Section
    Replies: 2
    Last Post: 03-22-2012, 05:22 PM
  3. New FERN WIFI CRACKER
    By savioboyz in forum Experts Forum
    Replies: 97
    Last Post: 04-26-2011, 07:37 AM
  4. Session Hijacking in corporate LAN behind ISA
    By diamondforevers in forum Beginners Forum
    Replies: 0
    Last Post: 07-21-2010, 06:26 AM
  5. Session Hijacking!
    By chard-fi in forum OLD Newbie Area
    Replies: 3
    Last Post: 10-02-2007, 08:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •