When you need to quickly demonstrate the insecurity of open wireless networks, this is a good choice, as it has the ability to immediately hack into most websites another user on the same LAN is logged into.
Sessionthief is capable of performing HTTP session cloning by stealing cookies. It can issue basic *nmap* and *nbtscan* commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. It can quickly perform ARP poison routing to get packets given the IP of the client if not on an open network or hub, and should also work with interfaces in monitor mode. It integrates automatically with Firefox, dynamically creating a temporary profile for each attack performed. In this way, in contrast to tools like *The Middler*, it doesn’t require any additional configuration, and makes it easy to simultaneously own multiple logins to the same site. For example many multiple clients on the open or WEP-encrypted wireless network you are on are on Facebook (or Yahoo! mail or just about any site you log into), You can- 1. Start the program. 2. Select your interface 3. Hit watch 4. Select a request from each of them to Facebook, and click the session button. The program will start a new instance of Firefox for each session hacked, and let you control the login of all of them at once. It compiles and runs on Linux and windows depending on the pcap and wxwidgets libraries. The download contains source and binaries for Windows and Linux. Download it from: http://scriptjunkie1.110mb.com/security/sessionthief.zip -- Regards, kishore sangaraju -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
