Introduction

session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server.

Lab

The software may use: cookiecadger, wireshark, ferret (packet re-assemble) , hamster

1. Use arpspoof to hijack a connection.

2. open wireshark to capture packets, save it as a “Wireshark/tcpdump/… -pcap” file.

3. Then cd to the folder where the pcap was saved, issue ferret -r Tool.pcap

4.

Use cookieCadger.jar.

Running a from class inside your JAR file load.jar is possible via

java -jar cookieCadger.jar

When doing so, you have to define the application entry point. Usually this is done by providing a manifest file that contains the Main-Class tag. For documentation and examples have a look at this page. The argument load=2 can be supplied like in a normal Java applications:

java -jar cookieCadger.jar load=2