Wi-Fi can be used to transmit data. While a few hotspots have begun to encrypt user data, usually with WPA, the majority of them still expect customers and others to do the same. Unfortunately, many users continue ignore this simple threat. People who are more educated often use SSL-protected websites or VPNs to protect their data.
Hotspot users who visit sites like Yahoo!, HotMail, or Gmail may be at risk. Mail may be more vulnerable than they think.
Imagine that you are in a cozy restaurant with many people who are busy eating and working on laptops. You fire up your laptop and discover that your wireShark can be used to view the traffic on this open network in clear text. You want to find out what the other person is doing on his laptop. This could be by emailing his girlfriend or chatting up someone. What can you do? Use Hamster!
Side jacking is made easy by Hamster
What is Sidejacking?
Sidejacking is a type of “HTTP session hijacking” which works with passive eavesdropping.
HTTP session hijacking is when hackers grab your “session cookies”. A unique cookie is used to identify your session with the web server. This cookie is sent to your browser immediately after the session begins. Your browser then echos it back.
Session hijacking can take many forms. Some of these methods use cross-site scripting to steal your browser’s session. Some use “man in the middle” attacks to intercept the connection and then resend it. Sidejacking uses passive eavesdropping cookies. Cookies are collected using a packet-sniffer and then imported into the browser. The user cannot see any information that would indicate their session is being hijacked, unlike other methods of session hijacking. They cannot “View source” to detect errant JavaScript, as they can with cross-site scripting attacks. They cannot sniff their traffic to see if it’s being altered (as in manin-the-middle attacks).
Sidejacking also allows for offline attacks. Session cookies can last for years, sometimes even years. This means that hackers could capture packets using a packet-sniffer at a given point, then import the cookies into a browser to access the session.
Hamster is a tool that allows you to hijack HTTP sessions using passive sniffing. It sniffs on a network and captures session cookies. The session cookies are then imported into the browser to allow the hijacker to access their session. Sidejacking, or HTTP session hijacking, is when you hijack an existing Web session with remote services by intercepting and using credentials (normally session cookie) that identify the user to that particular server.
Hamster Sidejacking Cross-site scripting could be used to collect cookies. Without the right tools, it could be a lot of work. Hamster automates this process. It makes it so easy to hijack valid HTTP connections that you can see how many of your targets may have non-encrypted cookie information. Status updates are displayed on the screen, so you can track how many packets have been captured. Ferret is now integrated with Hamster since version 2. Ferret is activated by Hamster. It will then know which interface it should use.
Hamster is a tool for “sidejacking”. It acts as a proxy server and replaces your cookies by session cookies stolen from someone else, allowing it to hijack their sessions. The Ferret program can sniff cookies. It is also necessary to have a copy.
Reference: https://tools.kali.org/sniffingspoofing/hamster-sidejack
Example(s) of Hamster Use
[email protected]:~# hamster— HAMPSTER 2.0 side-jacking tool —Set browser to use proxy http://127.0.0.1:1234DEBUG: s