Sniffing Session Cookies with Wireshark
Our next goal is to capture the session cookies of the victim so we can hijack his/her session. Every site has its own session cookie that it uses to authenticate a user. For demonstration purposes, I will capture the session cookies of Facebook, which are c_user and xs.
Note: If the victim has logged out of his/her Facebook account, you will not be able to use the session cookies, since session cookies expire upon logging out.
I have already walked you through the process of how to start a packet capture inside Wireshark, so I won't do it again. What we will do inside Wireshark is apply a display filter that matches all the HTTP cookies containing the word "c_user" or "xs", since they are the session cookies. If you can't find them, I would suggest that you use http.cookie and then manually check for the cookies.
Ethical Hacking and Penetration Testing Guide
So we have filtered all the HTTP requests containing the cookies named "c_user." Let's try to inspect the first request. On inspecting the HTTP request, we find all the cookies associated with Facebook.
To get a clear view of all the cookies, we will right-click on the cookie field and then go to Copy → Bytes → Copy printable text only. Now, all the cookies will be selected. We will delete the other cookies and will save only the authentication cookies.
Hijacking the Session
Now that we have the authentication cookies of the victim, we would need to inject these cookies into our browser to hijack the session. Personally, I prefer the "Cookie Manager" plug-in inside of Firefox. It's very simple to use.
Step 1 — To inject our cookies, we will browse to facebook.com, and from our Tools menu, we will select the "Cookie Manager" plug-in.
Step 2 — Once the plug-in is launched, we would need to inject our cookies. We will click on the "Add" button at the bottom and will add both of our cookies. Here is an example.
Network Sniffing
Step 3 — Once both of our cookies are injected, we will just refresh the page, and we will be logged in to our victim's account.