Results 1 to 10 of 20

Thread: Session Hijacking with Fern Wifi Cracker

Threaded View

  1. #1
    Senior Member savioboyz's Avatar
    Join Date
    Oct 2010
    Location
    Nigeria
    Posts
    118

    Default Session Hijacking with Fern Wifi Cracker

    Fern Cookie Hijacker is a new feature add in Fern Wifi Cracker 1.45 ,it is a wifi based session hijacking tool able to clone remote online web sessions by sniffing and capturing wireless cookie packets from remote hosts by intercepting reachable wireless signals. It is capable of decrypting WEP encrypted packets on the fly to process session cookies transmitted over the air.





    Fern cookie Hijacker comes with smart intergrated code to detect and intercept cookie packets, unlike some cookie detection engines fern cookie hijacker does not wait to collect complete cookie acknowledgement during the initial authentication process, but pulls cookies and associate them with their hosts as they are transmitted over the wireless connection, its also forges to correctness values that are not captured e.g (exipry,isSecure).

    Heres a video that demonstrates how it works:

    [REMOVED YOUTUBE VIDEO]


    The mozilla cookie Sqlite3 database "cookies.sqlite" is no easy task comminucating with, most language api's fail to commmunicate with them due to the fact that mozilla updates their format regularly, this means that and api that is 3.1.5 compliant might not work with a 3.1.6 sqlite database thereby rendering the languages sqlite binding useless at each update..
    Communicating with such database returns a deceptive "file is encrypted or is not a database" error. So i search over the internet for a reliable api but i could not find one, so i wrote this generic api by reverse engineering the mozilla firefox program using IDA Pro and OllyDBG,This platform independent api allows commuication with mozillas Sqlite databases by hooking into its DLL or SO objects (libmozsqlite3.so | mozsqlite3.dll) Hooking and using the DLL is important because using the python's sqlite3 library fails to communicate with the cookie database, and also as said earlier firefox changes its database format on each release. This api communicates with the cookie database no matter what changes are made.

    API Link:

    http://code.google.com/p/fern-wifi-c...cookie_core.py

    THIS VIDEO AND SOFTWARE PROGRAM ARE FOR FOR EDUCATIONAL PURPOSES (MITIGATION) ONLY. TESTING IT ON NETWORKS YOU ARE NOT AUTHORIZED TO TEST IS ILLEGAL
    Last edited by g0tmi1k; 11-16-2012 at 04:15 AM. Reason: Removed YOUTUBE video
    Saviour Emmauel Ekiko

Similar Threads

  1. Fern Wifi Cracker with Geographical Locatory Mac address Tracker
    By savioboyz in forum BackTrack 5 Experts Section
    Replies: 58
    Last Post: 11-30-2012, 08:42 PM
  2. Strange error with Fern Wifi cracker...
    By Nyk0n in forum BackTrack 5 Beginners Section
    Replies: 2
    Last Post: 03-22-2012, 05:22 PM
  3. New FERN WIFI CRACKER
    By savioboyz in forum Experts Forum
    Replies: 97
    Last Post: 04-26-2011, 07:37 AM
  4. Session Hijacking in corporate LAN behind ISA
    By diamondforevers in forum Beginners Forum
    Replies: 0
    Last Post: 07-21-2010, 06:26 AM
  5. Session Hijacking!
    By chard-fi in forum OLD Newbie Area
    Replies: 3
    Last Post: 10-02-2007, 08:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •