Session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system. In particular, the term refers to the theft of a magic cookie used to authenticate a user to a remote server.
Software that may be used: Cookie Cadger, Wireshark, ferret (packet reassembly), hamster
1. Use arpspoof to hijack a connection.
2. Open Wireshark to capture packets, and save the capture as a “Wireshark/tcpdump/… -pcap” file.
3. Then cd to the folder where the pcap was saved and issue:
ferret -r Tool.pcap
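Seen from the defender's side, a capture like the one above only yields a usable session cookie when that cookie crosses the network unencrypted. The Python check below is an added example, not part of the original page: it flags session cookies that are issued over plain HTTP or lack the Secure attribute. The URLs, cookie values and the set of session cookie names are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample: (URL that returned the response, Set-Cookie header value).
SAMPLE_RESPONSES = [
    ("http://shop.example/login", "PHPSESSID=abc123; Path=/; HttpOnly"),
    ("https://shop.example/login", "sid=def456; Path=/; HttpOnly"),
    ("https://shop.example/login", "sid2=ghi789; Path=/; Secure; HttpOnly"),
    ("https://shop.example/", "theme=dark; Path=/"),
]
# Assumption: names this hypothetical application uses for session cookies.
SESSION_NAMES = {"PHPSESSID", "sid", "sid2"}


def parse_set_cookie(header):
    """Split one Set-Cookie value into (cookie name, lower-cased attribute names)."""
    first, *attrs = [part.strip() for part in header.split(";")]
    name = first.split("=", 1)[0].strip()
    flags = {a.split("=", 1)[0].strip().lower() for a in attrs if a}
    return name, flags


def exposed_to_capture(responses, session_names):
    """Return (cookie name, reason) for session cookies readable in a packet capture."""
    findings = []
    for url, header in responses:
        name, flags = parse_set_cookie(header)
        if name not in session_names:
            continue  # not an authentication cookie, ignore
        if urlsplit(url).scheme != "https":
            # The Set-Cookie response itself travelled unencrypted.
            findings.append((name, "issued over plaintext HTTP"))
        elif "secure" not in flags:
            # Without Secure the browser also attaches it to http:// requests.
            findings.append((name, "missing Secure attribute"))
    return findings


if __name__ == "__main__":
    for name, reason in exposed_to_capture(SAMPLE_RESPONSES, SESSION_NAMES):
        print(f"{name}: {reason}")
```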
Running a class from inside your JAR file load.jar is possible via
java -jar cookieCadger.jar
When doing so, you have to define the application entry point. Usually this is done by providing a manifest file that contains the Main-Class tag. For documentation and examples have a look at this page. The argument load=2 can be supplied as in a normal Java application:
java -jar cookieCadger.jar load=2