
Session Hijacking 2nd Tutorial

First of all, before going any further you have to understand what a cookie is. So what is a cookie? A cookie is a small piece of information that is stored in the user's client (browser) when the user visits a website. It is generated by the web server and sent to the browser for authentication purposes. Let's say you log in to your Facebook account: when you log in, session data is created on Facebook's server and it sends a cookie to your browser. Whenever you do some activity on Facebook, these two things are compared and matched every time. So if we manage to steal this cookie from someone, we will have access to their account. In this tutorial I will show you how to do this on a LAN. (This method will not work if the victim is not connected to your network.)


So in this tutorial you will be using a tool called Wireshark and a Firefox add-on called Add N Edit Cookies.

When this process is done, just minimize Cain and Abel.

Wireshark is a tool used to sniff packets from the network clients. We will be using it to steal our cookies.
The Add N Edit Cookies add-on is used to inject the stolen cookie into the Firefox browser.

Download and install Wireshark, open it up and click on "Capture" in the menu bar. Select your interface and click Start. This will start capturing all the packets from your network.

Now find the packets using the filter http.cookie.
Look for packets which have POST and GET in them. This is the HTTP information sent to the server.


Now once you have found the cookie, copy its value like this:

Paste it and save it in a Notepad file. Now the final thing to do is open Firefox and start the Add N Edit Cookies add-on from the Tools menu. Now insert the stolen cookie here, and you're done! You should have access to the victim's account now!
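Seen from the server, the replay described above is one session ID arriving with a different client fingerprint than the one that logged in. The following is an added example, not part of the original tutorial, that flags this in access-log records; the log format, field names and sample lines are constructed for illustration.

```python
import re
from dataclasses import dataclass

LINE_RE = re.compile(
    r'^(?P<ts>\S+) sid=(?P<sid>\S+) ip=(?P<ip>\S+) ua="(?P<ua>[^"]*)"$')

# Constructed sample records; both sessions start behind one NATed LAN address.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z sid=a1f3 ip=203.0.113.5 ua="Firefox/125.0 (Windows)"
2024-05-01T10:00:09Z sid=77c2 ip=203.0.113.5 ua="Chrome/124.0 (Android)"
2024-05-01T10:02:30Z sid=a1f3 ip=203.0.113.5 ua="Firefox/125.0 (Windows)"
2024-05-01T10:03:12Z sid=a1f3 ip=203.0.113.5 ua="Firefox/115.0 (Linux)"
2024-05-01T10:04:00Z sid=77c2 ip=198.51.100.7 ua="Chrome/124.0 (Android)"
this line is malformed and must be skipped
"""

@dataclass(frozen=True)
class Finding:
    sid: str
    ts: str
    changed: tuple  # fingerprint fields that differ from the session's first request
    severity: str

def find_session_reuse(log_text):
    first_seen = {}  # sid -> (ip, ua) of the request that established the session
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # do not guess at records that fail to parse
        sid, fp = m["sid"], (m["ip"], m["ua"])
        base = first_seen.setdefault(sid, fp)
        changed = tuple(n for n, a, b in zip(("ip", "ua"), base, fp) if a != b)
        if changed:
            # A browser rarely changes its User-Agent mid-session, so that is
            # the strong signal; an IP change alone is common (roaming, VPN).
            severity = "high" if "ua" in changed else "low"
            findings.append(Finding(sid, m["ts"], changed, severity))
    return findings

if __name__ == "__main__":
    for finding in find_session_reuse(SAMPLE_LOG):
        print(finding)
```

On a NATed LAN both machines share one public address, so the IP never changes and the User-Agent is the only field that can differ; a replay from an identical browser build is invisible to this check, which is why encrypting the session with TLS is the actual fix.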



Session Hijacking Tutorial

Recently, there has been a lot of talk about the Firesheep plugin for Mozilla Firefox that allows users to easily perform a session hijacking against victims on the same LAN. The news spread fast and wide, and reporters were deeming Firesheep extremely dangerous. I am not going to play down the fact that this does pose a serious threat to people’s privacy; however, this is nothing more than an old trick with a new face. Session hijacking has been around for ages, and performing a session hijack is actually quite simple. Today I will demonstrate one way to perform a simple session hijack without Firesheep!


What is Session Hijacking?

I am not going to waste time trying to explain session hijacking; instead I will just give you a blurb from Wikipedia:
In computer science, session hijacking refers to the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer (see HTTP cookie theft).

How to Perform a Session Hijack

For this simple example using Windows, I am going to target Twitter (as this seems to be one of the two big targets of Firesheep, and since I refuse to use Facebook). Here are the following things that will be needed for this example:
  1. LAN with Internet connection.
  2. Two computers (technically you could just use one, but it’s more fun to see it work with two).
  3. Wireshark
  4. Mozilla Firefox
  5. Add N’ Edit Cookie Editor add-on (or another cookie editor of your choice)
The first step I am going to take is to start Wireshark and begin sniffing traffic. Depending on the LAN you may need to perform ARP spoofing to successfully pull this attack off; if you need to know how to perform an ARP spoofing attack, I would suggest searching Google or pinging us on FB.
While sniffing traffic, log into Twitter on the other computer. After you have logged into Twitter, you can stop sniffing traffic and perform a find packet (Ctrl-F or Edit–>Find Packet). For the criteria, set the “By:” option to “String” and the “Search In” option to “Packet details”, and search for “Set-Cookie:” in the text field.
Find Packet options
Once you search, a packet containing the word Set-Cookie will be highlighted; right-click the packet and select “Follow TCP Stream.” This will make it easier to read. When looking at the TCP stream you will see “Set-Cookie: _twitter_sess=” and then a long string of characters. This is the session cookie that you are going to hijack.
Session Cookie Found from TCP Stream
Since we now have the cookie, open Mozilla Firefox and open our Cookie Editor (Tools –> Cookie Editor). Once the Cookie Editor is open, select the Add button under Cookie. For the parameters enter the following:
  • Name: _twitter_sess
  • Content: copy paste the information from the TCP Stream (see the red box in the Session Cookie Found from TCP Stream picture)
  • Domain: .twitter.com
  • Path: /
Entering a New Cookie
After all this information is entered, save the cookie. The next step is to go to the address bar and go to Twitter.com, and just like that you have hijacked another user’s session.

Quick and Dirty Instructions:

  1. Sniff traffic
  2. Log into Twitter with another computer (or same computer)
  3. Stop sniffing traffic
  4. Find a packet that contains Set-Cookie
  5. Open Firefox
  6. Start Cookie Editor add-on
  7. Paste in cookie
  8. Go to Twitter
  9. No need to log in!!

Conclusion

As stated earlier this was a simple example; but as you can see, the same steps can be applied to hijack sessions from other websites. I will give credit to Firesheep, as it made this very easy process even easier and has even made people more aware of the dangers of surfing the web on public networks.
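The Set-Cookie line is readable in the TCP stream only because the session cookie is sent over plain HTTP, without the attributes that confine it to encrypted connections. The following is an added example, not from the original post, that audits Set-Cookie headers for those attributes; the sample headers, cookie values and the session-name heuristic are constructed assumptions.

```python
# Assumption: cookies whose names contain these substrings carry session state.
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token")

SAMPLE_HEADERS = [  # constructed examples, values are placeholders
    "Set-Cookie: _twitter_sess=CONSTRUCTED_VALUE; Domain=.twitter.com; Path=/",
    "Set-Cookie: __Host-sid=CONSTRUCTED; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: lang=en; Path=/",
    "set-cookie: auth_token=CONSTRUCTED; path=/; secure; SameSite=None",
    "Set-Cookie: sid=CONSTRUCTED; Path=/; HttpOnly; SameSite=None",
]

def parse_set_cookie(header):
    """Return (cookie_name, {lowercased attribute: value})."""
    field, _, value = header.partition(":")
    if field.strip().lower() != "set-cookie":
        raise ValueError("not a Set-Cookie header")
    pair, *attrs = [part.strip() for part in value.split(";")]
    name = pair.partition("=")[0].strip()
    parsed = {}
    for attr in attrs:
        key, _, val = attr.partition("=")
        if key:
            parsed[key.strip().lower()] = val.strip()
    return name, parsed

def audit(header):
    """List the weaknesses of a session cookie; [] for non-session cookies."""
    name, attrs = parse_set_cookie(header)
    if not any(hint in name.lower() for hint in SESSION_NAME_HINTS):
        return []
    issues = []
    if "secure" not in attrs:
        issues.append("missing-secure")      # goes out over cleartext HTTP too
    if "httponly" not in attrs:
        issues.append("missing-httponly")    # readable by script in the page
    samesite = attrs.get("samesite", "").lower()
    if not samesite:
        issues.append("missing-samesite")
    elif samesite == "none" and "secure" not in attrs:
        issues.append("samesite-none-without-secure")
    if name.startswith("__Host-") and ("domain" in attrs or attrs.get("path") != "/"):
        issues.append("host-prefix-violated")
    return issues

if __name__ == "__main__":
    for h in SAMPLE_HEADERS:
        print(audit(h), "<-", h)
```

The Secure attribute only protects a session when the site serves every page over HTTPS; HSTS additionally keeps the browser from making the first request in cleartext.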


What Is Metasploit?


Metasploit Framework is an open source penetration testing tool used for developing and executing exploit code against a remote target machine. The Metasploit Framework has the world’s largest database of public, tested exploits. In simple words, Metasploit can be used to test the vulnerability of computer systems in order to protect them, and on the other hand it can also be used to break into remote systems.


It's a powerful tool used for penetration testing. Learning to work with Metasploit needs a lot of effort and time. Of course, you can't learn Metasploit overnight; it needs lots of practice and patience.
Just take a look at the following basic steps for beginners to break into a system using Metasploit after gathering some information about the target system.

1. Select the right exploit and then set the target.
2. Verify the exploit options to determine whether the target system is vulnerable to the exploit.
3. Select a payload.
4. Execute the exploit.

You must be confused!

Now carefully read the following basic terms to get an idea of the four steps mentioned above. I have defined the terms technically and, side by side, explained them in layman's language to clarify things. I have taken the example of an attacker who wants to break into a house. I hope this approach will give you a good idea of these basic terms.

Vulnerability - A weakness which allows an attacker to break into or compromise a system’s security.

The main gate of a house with a weak lock (which can be easily opened), a glass window (which can be easily broken) and so on are like the vulnerabilities in a system which make it easy for an attacker to break in.

Exploit - Code which allows an attacker to take advantage of a vulnerable system.

The set of different keys which he can try one by one to open the lock, the hammer which he can use to break the glass window and so on are like the exploits.

Payload - The actual code which runs on the system after exploitation.

Finally, after exploiting the vulnerability and breaking in, he can do different things. He can steal money, destroy things or just take a look and come back. Deciding this is what we mean by setting the payload.

I hope that's enough, friends. You will learn more in further tutorials when you start working with Metasploit practically...
Happy Hacking

How To Run All Android Apps On PC

In this post I’m going to show you how to use free software called BlueStacks. It is an app player for Windows with which you can run all your favorite Android apps on your PC.
1) Download and install BlueStacks.
2) You can download any Android app and run it on your PC. If you’re looking for a specific app, click on App Search and type the app's name in the search bar. Click on it and the download and installation process will begin.
3) Once the app has finished installing you’ll be able to run it. Just click the app icon.

How to sync your Android phone with PC

BlueStacks lets you sync apps, photos and SMS messages between your phone and PC. Here’s how:
1) If you want to sync your Android phone with your PC, go to Settings and click on Cloud Connect.
2) Set up your BlueStacks account.
3) Install the BlueStacks Cloud Connect app from the Android Market on your phone.
4) Open the app and pair your phone with your PC by typing in your PIN.
5) Select whether or not you want to receive SMS messages simultaneously on your PC via BlueStacks. Click “Login” and you are done!