Another little project I put together a couple of years ago is sessionthief. When I need to quickly demonstrate the insecurity of open wireless networks, this is my first choice, as it has the ability to immediately hack into most websites another user on the same LAN is logged into.

It performs HTTP session cloning by cookie stealing. It can issue basic nmap and nbtscan commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. It can quickly perform ARP poison routing to get packets given the IP of the client if not on an open network or hub, and should also work with interfaces in monitor mode. It integrates automatically with Firefox, dynamically creating a temporary profile for each attack performed. In this way, in contrast to tools like the middler, it doesn't require any additional configuration, and makes it easy to simultaneously own multiple logins to the same site. (although the middler is a much larger and more capable project)

For example, if multiple clients on the open or WEP-encrypted wireless network you are on are on facebook (or yahoo mail or just about any site you log into), you can 1. start the program, 2. select your interface, 3. hit watch, and 4. select a request from each of them to facebook, and click the session button. The program will start a new instance of firefox for each session hacked, and let you control the login of all of them at once. It compiles and runs on linux and windows depending on the pcap and wxwidgets libraries. The source and binaries for windows and linux are here

  1. #1 by mozartklik on September 14, 2010 - 12:25 pm

    how do i compile it on linux

  2. #2 by sonken on September 14, 2010 - 12:53 pm

    any instructions to compile it on linux? (dependencies, etc)

  3. #3 by ub on September 16, 2010 - 5:48 am

    Nice work !
    but what about its counter
    static arp entries or some thing like this

  4. #4 by Tom on September 16, 2010 - 6:57 pm

    This has been tested on Ubuntu 10.04 only:

    1. Make sure you have the req’d stuff installed as per these instrcutions:

    2. Make sure you have libpcap-dev installed

    3. This should be in a make file but it works:

    g++ arp.cpp cookieeater.cpp nviewFrame.cpp printThread.cpp processThread.cpp request.cpp sessionApp.cpp summaryText.cpp systemInterface.cpp -lpcap -o sessionthief `wx-config –cxxflags` `wx-config –libs`

    Yes, those are back ticks surrounding the wx-config params.

    Good luck!

  5. #5 by Tom on September 16, 2010 - 6:59 pm

    Wow! I’m an idiot!!

    Just found better instructions here:

Comments are closed.