A tool which allows one to hijack HTTP connections to steal cookies - even ones on HTTPS sites! Works on both Wifi (monitor mode) and Ethernet.
Features:
- Does Wireless injection when the NIC is in monitor mode
- Supports Ethernet
- Support for WEP (when the NIC is in monitor mode)
Known issues:
- Sometimes the victim is not redirected correctly (particularly seen when targeting Gmail)
- Cannot stop the tool via a simple Control^C. This is a problem with the proxy
Requires:
- Python 2.4
- Scapy
You can download Surf Jack here:
Or read more here.
Subscribe to Darknet RSS Feed Stored in: Hacking Tools, Web Hacking
Related Posts:
- login (security through obscurity) - weird PHP script
- Stompy - The Web Application Session Analyzer Tool
- mod_anti_tamper - Anti Tamper Module for Apache 2.x
- Cross Site Scripting (XSS)
- bookmark me
- LCP - A Good FREE Alternative to L0phtcrack (LC5)
| 3,246 views |
Well have used almost every tool based on Scapy and realy liked it. So should check this one out too..
Moreover, It seems like a very useful tool…
It’s fairly easy to program you way around threats like this. Just include the destination MAC address in the cookie when you send it out (encrypted of course) and check it against the originating MAC address while reading the cookie back in..