[Hack] Session Sidejacking Using Hamster!


Lets start with the definition : 

session hijacking refers to the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.  (Wikipedia)

In other words , that means that you are seeing same websites that the victim sees, add to that you have full access to that website ,for example if the victim visit Facebook and he entered his user name and password, you cant see the user name and password, but you can use his Facebook page as if its yours, so you can delete friends, add comments, change status, everything!! and this concept apply to any web site ,such as mail accounts.


I am not explaining this technique to be used in wrong way, i am showing you this to know how you can be insecure if you are not using secure sites, this technique does not work for web sites that use SSL security, and now most of the sites offer SSL security, another thing, you have to be careful if you are using unknown free network (hotspot!).

http://www.facebook.com/   
https://www.facebook.com/  <=== Secure site SSL !

As usual all tutorial use backtrack4, before using this tutorial you have to make arpspoof attack to the target, i explain that in previous post but i will write the commands again here without explanation.

  • echo 1 > /proc/sys/net/ipv4/ip_forward
  • arpspoof -i eth0 -t 192.168.1.12 192.168.1.1
  • arpspoof -i eth0 -t 192.168.1.1 192.168.1.12

SideJacking Using Hamster!

1. Open console.


2. Go to hamster folder

cd /pentest/sniffers/hamster/

(note: this may be different if you are using other Linux distors, just search for hamster folder)


3. Start hamster

./hamster


4. Now go to your internet browser ( i use Firefox ) go to Tools and clear your cookies.




5. Now we will change the proxy settings to what hamster uses;

Edit > Preference > Advance > Network > Settings



6. Chane the proxy to "Manual proxy configuration" and type 127.0.0.1 and port 1234.


7. Now type " hamster" in address bar.


8. Click on adapters to choose which adapter you want to use ( i will use eth0, you can use whatever adapter you want according to your network type, if you are connecting to the network using your wireless adapter, then you have to use wlan0 )



9. After a while , you will start seeing the targets, click in anyone of them and the cookies will appear on the left,


10. So i have one cookies says " www.facebook,com/home...."  after clicking it you will see the victim page as if you are the owner! you can do whatever you want!




11. Here is another example for yahoo mail,



  • Again this way is not effective for SSL secure sites (https), so next time you login to any site make sure to use https if he has one.
  • This Attack could be combined with DNS spoof attack to get the passwords!

See Also!

[Security] Man In The Middle Attack (MiTM) !


Read Users' Comments (0)

0 Response to "[Hack] Session Sidejacking Using Hamster!"

Post a Comment