Cookie hijacking is the exploitation of a running session, identified by what is sometimes called a session key, to gain unauthorized access to information or services in a computer system. In particular, the term refers to the theft of a magic cookie used to authenticate a user to a remote server. The same applies to the HTTP cookies used to maintain a session on many web sites, which can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer. Here I will show you how they hijack the cookies. Learn how to hack a Facebook account by hijacking cookies.
So, how to hack a Facebook account by hijacking cookies?
In order to get started, we need the following few tools.
Kali Linux OS
Ferret is a great tool that grabs session cookies that travel across the LAN. Hamster is the proxy that "manipulates" everything collected by Ferret. Ferret doesn't come with the 64-bit version of Kali. In order to install it, we first need to add the i386 (32-bit) architecture, and after that we can install the package. You can do both by running the following line in the terminal.
dpkg --add-architecture i386 && apt-get update && apt-get install ferret-sidejack:i386
After you do that, let’s move on.
Setting Up the MitM Attack
We’re going to use Ettercap to ARP poison the targets. Open it up and do:
Sniff > Unified sniffing.
MitM > ARP poisoning and check Sniff Remote Connections.
Finally, Start > Start sniffing.
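Seen from the victim's side, the ARP poisoning step above leaves a trace: the gateway's IP starts resolving to the same MAC address as another host on the LAN. The following is an added example, not part of the original post, that checks `ip neigh show` output for that pattern; the sample output, the function names and the gateway address 192.168.1.1 are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed `ip neigh show` output from a host whose ARP cache was poisoned:
# the gateway (192.168.1.1) now resolves to the same MAC as host 192.168.1.23.
SAMPLE_POISONED = """\
192.168.1.1 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.1.23 dev eth0 lladdr 08:00:27:AA:BB:CC STALE
192.168.1.40 dev eth0 lladdr 3c:52:82:11:22:33 REACHABLE
192.168.1.77 dev eth0  FAILED
"""

# Constructed output from the same host in a normal state.
SAMPLE_CLEAN = """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.23 dev eth0 lladdr 08:00:27:aa:bb:cc STALE
"""


def parse_neigh(text):
    """Yield (ip, dev, mac) for every neighbor entry that has a resolved MAC."""
    for line in text.splitlines():
        tok = line.split()
        if "dev" not in tok or "lladdr" not in tok:
            continue  # FAILED/INCOMPLETE entries carry no lladdr
        try:
            ip = ipaddress.ip_address(tok[0])
            dev = tok[tok.index("dev") + 1]
            mac = tok[tok.index("lladdr") + 1].lower()
        except (ValueError, IndexError):
            continue  # malformed line
        yield ip, dev, mac


def find_arp_conflicts(text, gateway_ip=None):
    """Report MACs claimed by more than one IPv4 address on one interface."""
    by_mac = defaultdict(set)
    for ip, dev, mac in parse_neigh(text):
        if ip.version == 4:  # ARP only exists for IPv4
            by_mac[(dev, mac)].add(ip)
    findings = []
    for (dev, mac), ips in sorted(by_mac.items()):
        if len(ips) > 1:
            ordered = [str(i) for i in sorted(ips)]
            # Shared MACs can be legitimate (proxy ARP, multi-homed routers),
            # so a hit is a lead to investigate; the gateway case is the urgent one.
            findings.append({"dev": dev, "mac": mac, "ips": ordered,
                             "gateway_affected": gateway_ip in ordered})
    return findings
```

Feed it the live table with `ip neigh show` piped into the function, and compare the gateway's MAC against a value recorded while the network was known to be clean.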
Now that Ferret is installed, all we have to do is run ferret -i interface. For instance, I’ll be using Ethernet.
To run Hamster, just type hamster in a new terminal.
To view the cookies that we have "hijacked," simply open your web browser and type in your localhost IP and port like this: 127.0.0.1:1234.
Now just give Hamster the name of the interface to listen on. Go to adapters and enter the same interface that you just entered in Ferret.
Press Submit Query and wait for a while, and you’ll see cookies begin to appear.
You'll start to see some IP addresses pop up (including yours). To view the cookies, simply click on the IP address. Just hit the URLs to view them.
If you want to view the original cookies, just click that cookies button and replace hamster with your localhost IP and port, as before, at the beginning of the URL, or you can open up the .pcap file in the home folder.
Note: Cookies will only work until the session expires.
That's how hackers steal cookies. I hope you now know how to hack a Facebook account by hijacking cookies. If you have any questions, feel free to comment below.