Another little project I put together a couple of years ago is sessionthief. When I need to quickly demonstrate the insecurity of open wireless networks, this is my first choice, as it has the ability to immediately hack into most websites another user on the same LAN is logged into.

It performs HTTP session cloning by cookie stealing. It can issue basic nmap and nbtscan commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. Given the IP of a client, it can quickly perform ARP poison routing to capture that client's packets when you are not on an open network or hub, and it should also work with interfaces in monitor mode. It integrates automatically with Firefox, dynamically creating a temporary profile for each attack performed. In this way, in contrast to tools like the middler, it doesn’t require any additional configuration, and it makes it easy to simultaneously own multiple logins to the same site (although the middler is a much larger and more capable project).

For example, if multiple clients on the open or WEP-encrypted wireless network you are on are on Facebook (or Yahoo Mail, or just about any site you log into), you can 1. start the program, 2. select your interface, 3. hit watch, and 4. select a request from each of them to Facebook and click the session button. The program will start a new instance of Firefox for each session hacked, and let you control the login of all of them at once. It compiles and runs on Linux and Windows, and depends on the pcap and wxWidgets libraries. The source and binaries for Windows and Linux are here or linked to here.

  1. #1 by mozartklik on 14 September 2010 - 1236

    How do I compile it on Linux?

  2. #2 by sonken on 14 September 2010 - 1228

    Any instructions to compile it on Linux? (dependencies, etc.)

  3. #3 by ub on 16 September 2010 - 0523

    Nice work!
    But what about its counter?
    Static ARP entries or something like this?

  4. #4 by Tom on 16 September 2010 - 1823

    This has been tested on Ubuntu 10.04 only:

    1. Make sure you have the req’d stuff installed as per these instructions:

    2. Make sure you have libpcap-dev installed

    3. This should be in a make file but it works:

    g++ arp.cpp cookieeater.cpp nviewFrame.cpp printThread.cpp processThread.cpp request.cpp sessionApp.cpp summaryText.cpp systemInterface.cpp -lpcap -o sessionthief `wx-config --cxxflags` `wx-config --libs`

    Yes, those are back ticks surrounding the wx-config params.

    Good luck!

  5. #5 by Tom on 16 September 2010 - 1813

    Wow! I’m an idiot!!

    Just found better instructions here:
