Jump to content

hamster and ferret

thefatmoop

By thefatmoop
in Security

 Share

Recommended Posts

thefatmoop Newbie

thefatmoop

Posted
Posted

So recently I installed a windows virtual machine just to play around with o.o I was able to get hamster and ferret to work seemingly fine.

On the left side though on the "instances" whenever I click on ANY of the links /sessions/cookies it asks me to save a file...

how do i get into my open gmail account?

Link to comment
Share on other sites
H@L0_F00 Newbie

H@L0_F00

Posted
Posted
So recently I installed a windows virtual machine just to play around with o.o I was able to get hamster and ferret to work seemingly fine.

On the left side though on the "instances" whenever I click on ANY of the links /sessions/cookies it asks me to save a file...

how do i get into my open gmail account?

moving this to the Jasager forum would probably get you more help

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted
moving this to the Jasager forum would probably get you more help

hamster and ferret are not parts of the Jasagar, although, I can see where you are going with this. They can be used stand alone with any other programs that allow you to sniff traffic of another user. I personally use cain forwindows in combo with them to establish a MITM to get them to see all the traffic.

As for clicking on session cookies links themselves, you should only need to click the links that go the the site itself, as hamster and ferret will do the rest to log you in and send the cookie from your pc to the site. I never got any links to try to send me a file while using it. Maybe don't click on the links that have /session/cookies in them, as it could be trying to send you the cookie itself. Instead, just click any link to google or gmail on that left side of the menu once you have logged into gmail on one of the mahcines hamster and ferret are monitoring. They can see the login cookies during the session but not sure what will happen under an https session. If google sends the cookies in the clear at some point of the session, then you should be able to login no problem.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted
that's interesting. Maybe it's firefox3 because I set up the proxy, and i saw that both programs were getting cookies.

I just have absolutely no luck with cookie programs lol WifiZoo never worked for me

Maybe you just don't have everything set up right??

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted
Does anyone know if a hamster and Ferret program exist for Linux? I tried to do a search for such, but with no success.

Nope. Try Wifizoo.

Link to comment
Share on other sites
thefatmoop Newbie

thefatmoop

Posted
  • Author
Posted

yeah wifizoo is basically same thing only no mitm.. rather u need network card compatible to go into monitor mode

$iwconfig iface mode monitor

as for hamtaro i'll try it with using something other than ferret to mitm

(i'm also doing all this inside a VM with bridged networking)

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Something I found but havent tried for linux: http://code.google.com/p/surfjack/

Might be of use to somebody looking to try hamster and ferret, but are on linux and need an alternative.

Link to comment
Share on other sites
runkittyrun Newbie

runkittyrun

Posted
Posted

i belive the cookies + the IP address the connection is coming from is compared by the servers, so say you got a valid cookie with wifizoo from someone conencted to AP other than your own then used that cookie to connect threw your connection with different IP it won't match, after getting the cookies with wifizoo did you switch out monitor mode and conenct to the AP?

Link to comment
Share on other sites
thefatmoop Newbie

thefatmoop

Posted
  • Author
Posted

wifizoo:

No, I was never able to see anything other than APs / clients... My network card was in monitor mode. I really think it's my wifi card, so i'm going to try a different one that is supported. i bet ur right on the part where if u grab cookies and use a different internet ip the cookies prob won't work.

as for hamster i'll try using it with cain as the mitm.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted
wifizoo:

No, I was never able to see anything other than APs / clients... My network card was in monitor mode. I really think it's my wifi card, so i'm going to try a different one that is supported. i bet ur right on the part where if u grab cookies and use a different internet ip the cookies prob won't work.

as for hamster i'll try using it with cain as the mitm.

Ferret doesn't do MITM. If you are using cain, you still need Ferret and Hamster running together. One creates the log file for the other to work from. Cain just make sit so Ferret can see the cookies and write them, while hamster does the proxy for yoru browser and the session hijack.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...