session hijacking using ettercap hamster ferret

Hacking Truth
5


session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal





We start with jumping into kali Linux"s Terminal and using the most widely used tool such as Ettercap, Hemster, Ferret. we will discuss about how to hijack a session. we will start session hijacking with man-in-the-middle attack and start capturing packets. Here is our attacker machine is kali linux and the victim is our local machine ( own network ).

From Wikipedia

Session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer. session hijacking using ettercap hemster ferret


we will  use three types tools here such as :-
Ettercap
Hamster
Ferret



Ettercap

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. Basically ettercap's interface aretwo different types such as Ettercap ( CLI ) and Ettercap ( GUI ).


session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal


Hamster


Hamster is a tool or “sidejacking”. It acts as a proxy server that replaces your cookies with session cookies stolen from somebody else, allowing you to hijack their sessions. Cookies are sniffed using the Ferret program. You need a copy of that as well.


Ferret

Ferret is a nice little tool that runs with hamster. Hamster is a tool that can be used for sidejacking. It acts as a proxy server, while ferret is used for sniffing cookies in the network. In this recipe, we will look at how to hijack some sessions!



So, first we will open a ettercap tool, you can also use the command line interface or graphic based but we will use it graphically here.


session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



Click on sniffing at startup and choose a network interface.
For check a network interface, First open a terminal and type ifconfig and hit enter.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



After setup a ettercap click Accept button on the right side of ettercap.


session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



After completing the setup, you will see that the united sniffing has started in the left bottom of the ettercap tool.


session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



Now, you have to click host list button.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal




session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



After this, you click on the IP address and click on Add to Target one.
In the left bottom below you will see the host IP address has been addes to Target one.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



Now select  Mitm ( man in the middle) option. Click on ARP poisoning.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



It will ask for sniff remote connections or only poison one-way. Check the option sniff remote connections.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



Now Select start option and click on start sniffing or press   shift+ctrl+W if sniffing has not started in ettercap tool. 




session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal




Now select hamster tool to manipulate data by using proxy.




session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal




session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal




Now select ferret tool to grab the session cookies.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



Now that Ferret is installed, all we have to do is run ferret -i interface. For instance, I'll be using usb0 (wired connection).




session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal


type ferret -i usb0 and hit enter.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal




To view the cookies that we have "sidejacked," simply open your web browser and type in the URL box localhost:1234 or anything of the equivilent (i.e., 127.0.0.1:1234). You should get a screen like this:


session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal




Now we need to tell Hamster the interface to listen on. Go to adapters and enter the same interface you entered in Ferret.



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



Press Submit Query and let the magic begin (you'll have to wait a while before you get lots of cookies).

Viewing Cookies


After a while you'll start to see some IP addresses pop up (including yours). To view the cookies, simply click on the IP address.


session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



session hijacking using ettercap hemster ferret by hackingtruthin OR kumaratuljaiswal



Now we can view everything this guy says, and he won't ever know it. This same attack can also be used to hijack someone's session while they're logged in to a website, making things much faster than cracking passwords. Cool, eh?

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.


- Hacking Truth by Kumar Atul Jaiswal


Video Tutorial :-


        



Tags

Post a Comment

5 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.
Post a Comment
Our website uses cookies to enhance your experience. Learn More
Accept !