sessionthief – HTTP Session Cloning & Cookie Stealing Tool

The New Acunetix V12 Engine


sessionthief performs HTTP session cloning by cookie stealing. It can issue basic nmap and nbtscan commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. It can quickly perform ARP poison routing to get packets given the IP of the client if not on an open network or hub, and should also work with interfaces in monitor mode. It integrates automatically with Firefox, dynamically creating a temporary profile for each attack performed. In this way, in contrast to tools like the middler, it doesn’t require any additional configuration, and makes it easy to simultaneously own multiple logins to the same site.

For example, if multiple clients on the open or WEP-encrypted wireless network you are on are on Facebook (or yahoo mail or just about any site you log into), you can:

  1. Start the program
  2. Select your interface
  3. Hit watch
  4. Select a request from each of them to facebook, and click the session button.

The program will start a new instance of firefox for each session hacked, and let you control the login of all of them at once. It compiles and runs on linux and windows depending on the pcap and wxwidgets libraries.

You can download sessionthief here:

sessionthief.zip

Or read more here.

Posted in: Hacking Tools, Networking Hacking, Privacy, Web Hacking

, ,


Latest Posts:


Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.


2 Responses to sessionthief – HTTP Session Cloning & Cookie Stealing Tool

  1. karaeng_sija September 14, 2010 at 1:36 pm #

    how do i use this or compile it on linux system

  2. scriptjunkie September 14, 2010 at 11:53 pm #

    Instructions have been posted here: https://scriptjunkie1.wordpress.com/2010/09/14/sessionthief-linux/
    Enjoy!