Session hijacking on lan

Welcome to hacking a rise I’m the Laughing man in this post is to show you session hijacking wile on LAN when i mean LAN this can be a public network or your own i will be using my home network as i dont wanna brake any laws so the tools need is Ettercap,hamster,ferret (thank god most these are install on Kali Linux whoop whoop were is ferret is installed on kali 32 bit only ) this is a handy way to gain password usernames and credit card info
so now lets move on .

What is session hijacking

session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.

What is ettercap

Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN. It can be used for computer network protocol analysis and security auditing. It runs on various Unix-like operating systems including Linux, Mac OS X, BSD and Solaris, and on Microsoft Windows.
Find out more

What is hamster

It acts as a proxy server that replaces your cookies with session cookies stolen from somebody else, allowing you to hijack their sessions. Cookies are sniffed using the Ferret program.
Find out more

What is ferret

It grabs session cookies that travel across the LAN. Hamster is a proxy that “manipulates” everything grabbed by Ferret.

installing ferret

So im using a 64 bit os of kali so im going have to install ferret as its not installed on kali 64 bit only 32 bit so open terminal and type dpkg --add -architecture i386 && apt-get update && apt install ferret-sidejack:i386 If you have a 32 version of kali skip this step
Session hijacking on lan 11

Starting the attack

So now we can start are attack so go to applications down to sniffing and spoofing
Session hijacking on lan 12

start ettercap pick the interface you want to use since I’m using WiFi I’m picking wlan0 the go to host and scan for hosts click the host list and add them to target or dont now go to mitm and click arp poisoning and click sniff remote connection
Session hijacking on lan 13

Now we load up ferret open a terminal and type ferret -i wlan0
Session hijacking on lan 14

now open a new terminal and start hamster by just typing hamster
Session hijacking on lan 15

Copy the link and pasted it to Firefox
Session hijacking on lan 16

no you see the target to see the cookies click on the ip and it take you to the cookies

Session hijacking on lan 17

Disclimer

listen to me lads
Hacking a rise dose not take responsibility for any actions or harm inflicted by you as this is purely for educational reasons Two show how easy it is for a hacker to gain your password, usernames , credit card info wile on public networks.

hope you enjoyed this lads gud luck and happy hacking

laughing man

pentester
Hi im the laughing man im a pentester and the owner of Hacking a rise

Leave a Reply