Hacker, Researcher and Author.

Gmail Cookie Stealing And Session Hijacking Part 3


So friends, This is the third part of my Gmail Session Hijacking and Cookie Stealing series on RHA, In the first part I introduced you to the basics and fundamentals of a Session Hijacking attack, In the second part I introduced you to the variety of methods used to capture session cookies. In this part I will tell you how to carry out a session hijacking attack once you have the session cookies.


Cookie Injection With A Firefox WebBrowser

Now there are variety of plugins used to inject cookies in your browser, depending on which browser you are using, I would recommend you the use of firefox browser as it supports vast number of cookie injection plugins.

Web Developer Toolbar

Webdeveloper toolbar is an addon for the firefox browser it makes the process of injecting cookies extremely easy. All you have to do is to install the webdeveloper toolbar, Click on the cookies drop down menu and click on the cookie you want to edit.


Once you have clicked on the edit cookie option, You will be brought to the following screen:


Next replace your cookie value with the victims cookie value.


Now if you have captured cookies using wireshark, then instead of using Webdeveloper toolbar, you can use Cookie injector to inject session cookies directly in to your browser. All you need to do is to press Alt+C after installing the cookie injector and then just paste the wireshark cookie dump and press ok. After you have done so, Just refresh your browser and you will be in victims account.


Note: In order to install Cookie injector script you would need to first install Greasmonkey plugin for firefox


CookieManger is one of my most preferred choice for performing a Session hijacking hijacking, Since it's very user friendly and extremely easy to use. You can view CookieManager's usage guide here.

Cookie Injection With Google Chrome



If you are too lazy to use firefox for cookie injection, then luckily there are few extensions on google chrome used to inject cookies into your browser and take control of the victims account. One of my favorite cookie injecting extensions is Cookie editor by Philip, It sports a very unfriendly interface.


Drawbacks of Session Hijacking Attack:

With so many advantages of a session hijacking attack there are some drawbacks that you also need to know.

1. First of all cookie stealing becomes useless if victim is using a https:// protocol for browsing and end to end encryption is enabled.

2. Most of the cookies expire once the victims clicks on the logout button and hence the attacker also logs out of the account.

3. Lots of websites do not sport parallel logins which also makes cookie stealing useless.

Protection Against A Session Hijacking Attack

The best way to protect yourself against a session hijacking attack is to use https:// connection each and every time you login to your Facebook, Gmail, Hotmail or any other email account. As your cookies would be encrypted so even if an attacker manages to capture your session cookies he won't be able to do any thing with your cookies.

So freinds, I hope you have enjoyed the Gmail Session hijacking and cookie stealing series, Depending on readers response I might make a tutorial on Facebook Session hijacking too. If you have any questions feel free to ask.

18 comments:

  1. Hi Rafay,it is a good article.

    ReplyDelete
  2. hey rafay is there ne way to bypass https encryption??

    ReplyDelete
  3. Whats your Username on Sharecash :)

    ReplyDelete
  4. @Bharvi
    Yes there are many ways depending on the web app but it's extremely difficult to decrypt them.

    ReplyDelete
  5. I think its useless in present time...I mean today everyone is well aware about https protocol.

    ReplyDelete
  6. rafay,can i know from where u r please,
    & can u tell me what programming languages i should learn
    and which aspects of a languages?

    about me:gonna do btech in iit bbsr.m just a beginner and i know only phishing

    ReplyDelete
  7. Nice post :)
    Keep up the good work!
    sa-paradise.blogspot.com

    ReplyDelete
  8. rafay can u help me with the php code for stealing cookies

    ReplyDelete
  9. great tutotial...but can u explain some more methods to capture cookie..like if we want to get the cookies for a specific victim...

    ReplyDelete
  10. @Daek hacker
    I will soon make a post on it.

    @Syed Aamir
    Take a look at the part 1 to see more methods.

    ReplyDelete
  11. i am very impressed as i am interested in hacking and this tutorial learn me a lot.

    ReplyDelete
  12. that was awesome .You described it very well.

    ReplyDelete
  13. I usually use facebook on my opera mini. And some days ago it shown that ur account is temporary unavailable, login from ur computer. When i login from computer it shows that login from recently used opera mini. How can i unlock my profile, While now i use other fb profile on my opera mini. Reply plz.

    ReplyDelete
  14. how to choose a specific victim rafay.........

    ReplyDelete
  15. Instead of using sniffers, I prefer to use javascript to steal the cookie. What you do is email them "Type in this code it will say hi". Make the code do 2 things: 1. alert("hi") 2. Load a php script using ajax and pass the cookie as a parameter. Also, injecting the cookie can be done with javascript injection.

    ReplyDelete
  16. Is der anyway to capture https connections??

    ReplyDelete
  17. is der anyway to capture https connections??

    ReplyDelete

© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form

Name

Email *

Message *

Powered by Blogger.