tag:blogger.com,1999:blog-37798047.post5570258612187723464..comments2024-01-16T05:48:33.523-05:00Comments on Errata Security: SideJacking with HamsterDavid Maynorhttp://www.blogger.com/profile/09921229607193067441noreply@blogger.comBlogger40125tag:blogger.com,1999:blog-37798047.post-81625144000434314652020-11-09T19:39:45.522-05:002020-11-09T19:39:45.522-05:00This comment has been removed by a blog administrator.felisha greenhttps://www.blogger.com/profile/04448582896725355815noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-2312200000169541922020-08-19T19:43:16.566-04:002020-08-19T19:43:16.566-04:00This comment has been removed by a blog administrator.miladhttps://www.blogger.com/profile/06156800538781103307noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-1489046026946278572012-09-13T04:26:49.059-04:002012-09-13T04:26:49.059-04:00Does this work if you dont use wi-fi network. Supp...Does this work if you dont use wi-fi network. Suppose, I have a normal desktop and I cant sniff the traffic outside my netowrk. If i want to hack gmail account outside the network but somewhere on the internet , how do we do this. downlaod usb securityhttp://www.kakasoft.com/usb-security/noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-73066963028157349852012-05-26T22:21:23.883-04:002012-05-26T22:21:23.883-04:00Hi,
When I am trying to run the command "fer...Hi,<br /><br />When I am trying to run the command "ferret -W" under c:/sidejacking folder it gives an error. The error is as follows:- "ferret.exe has stopped working. Check online for the solution." My winpcap version is 4.1.2. What should I do in this case? Please help.sibaramhttps://www.blogger.com/profile/04825482536285914602noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-58524784875600377662012-01-05T03:52:09.547-05:002012-01-05T03:52:09.547-05:00Hi,
I finally got ferret and hamster running on m...Hi,<br /><br />I finally got ferret and hamster running on my Mac OS X. However, I cannot see any 'targets' other than my own IP. I was wondering what I am missing?<br /><br />info: I am connected to my router wirelessly. First, I am running "$sudo ./ferret -i 2" and then "$sudo ./hamster". In the web interface on hamster, I chose the adapter en1.<br /><br />Your help is appreciated!<br />Thanks,<br />-AGAstroGradhttps://www.blogger.com/profile/12400577123496766403noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-24302233094638161502010-06-23T12:24:53.497-04:002010-06-23T12:24:53.497-04:00hii, i've tried the softwares (hamster+ferret)...hii, i've tried the softwares (hamster+ferret)..<br /><br />but it seems not work on my network<br />nb: my network is using an authentified proxy with user and password..<br /><br />can it fix for later version?<br />thx, i'll so appreciate if it can works on such as environment :)Unknownhttps://www.blogger.com/profile/05193790682917743295noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-26716105105074453942010-06-15T05:04:25.223-04:002010-06-15T05:04:25.223-04:00pouvez vous m'aider ?pouvez vous m'aider ?thierryhttps://www.blogger.com/profile/13790553150931768619noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-185630663035288292010-06-14T13:50:12.551-04:002010-06-14T13:50:12.551-04:00bonjour,je viens de me faire piraté mon compte yah...bonjour,je viens de me faire piraté mon compte yahoo.fr.On m'a changer mon mot de passe,la question secrete,et le mail de secour.pouve vous m'aider a retrouver mon compte? merci.petanqueur@gmail.comthierryhttps://www.blogger.com/profile/13790553150931768619noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-52422641677905238002010-01-10T09:40:20.690-05:002010-01-10T09:40:20.690-05:00It can be done on wireless networks but if you'...It can be done on wireless networks but if you're using WEP or WPA, you'll have to capture the packets with Wireshark or Airodump and then decrypt the packets and save them to a file.<br /><br />In Wireshark, go to Edit, Preferences, Protocols, IEEE802.11. Then check "Enable Decryption" and follow its instructions for entering your WEP/WPA keys.<br /><br />If you have captured them with Airodump (or even Wireshark), you can decrypt them by typing 'airdecap-ng -w [wepkey] file.cap'. I don't recall if it's the same command for WPA, but the manpage will tell you. :)Chrishttps://www.blogger.com/profile/09332146196386032915noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-34056998761928454452009-05-31T00:01:25.386-04:002009-05-31T00:01:25.386-04:00can this be run on Vista?can this be run on Vista?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-78081851984688719142009-05-17T05:00:00.000-04:002009-05-17T05:00:00.000-04:00Wow. With all that's out there involving computer...Wow. With all that's out there involving computers and the internet; so many great things to read or watch... you choose THIS? I'm a computer/internet fiend more than anyone I know, but I can't imagine the shame I'd feel if I became a part of this. Maybe it's just that I can't understand the thrill of "beating the system." What I do understand is that there are better ways to live. But hey, if you can't shake it, go ahead and take a look at my emails to friends while planning partys and trips... you can live vicariously. Have a blast... I'm just gonna try to forget I ever saw this cause it makes me sad.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-34598115852895345902009-02-15T00:51:00.000-05:002009-02-15T00:51:00.000-05:00I don't know what you mean by "it cannot log on to...I don't know what you mean by "it cannot log on to promiscouous mode". I suggest you quote the exact error message, and which program gave it.Robert Grahamhttps://www.blogger.com/profile/09879238874208877740noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-41242300017887496622009-02-14T22:03:00.000-05:002009-02-14T22:03:00.000-05:00I'm trying to build a laptop to run hamster and fe...I'm trying to build a laptop to run hamster and ferret. What would be an out of box laptop that can do it? I am looking for an right out of the box, all in one solution.. I am using the old Macbook Pro Core duo with the atheros 5006x card. I thought it would work, but ferret said that it cannot log on to promiscouous mode. Any input on that? Here's my config.<BR/><BR/>Atheros 5006x, WinXP SP3, Winpcap 4.1 beta 5, hamster, ferretUnknownhttps://www.blogger.com/profile/00550792023070808174noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-7201899788094571162009-02-14T22:01:00.000-05:002009-02-14T22:01:00.000-05:00I'm trying to build a laptop to run hamster and fe...I'm trying to build a laptop to run hamster and ferret. What would be an out of box laptop that can do it? I am using the old Macbook Pro Core duo with the atheros 5006x card. I thought it would work, but ferret said that it cannot log on to promiscouous mode. Any input on that? Here's my config.<BR/><BR/>Atheros 5006x, WinXP SP3, Winpcap 4.1 beta 5, hamster, ferretUnknownhttps://www.blogger.com/profile/00550792023070808174noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-82101920572770442822009-01-23T12:39:00.000-05:002009-01-23T12:39:00.000-05:00Hi man... This entry is something old but still I...Hi man... This entry is something old but still I will comment, researching about you and hamster I noticed that the only thing that is mentioned is gmail accounts, and I was testing on the LAN of my home and two friends opened their accounts Hotmail and I can open their sessions jejejeje surprised me a lot .. I read and send emails from their accounts, but what experiences have you had with yahoo and hotmail accounts?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-54601182468508903252008-10-03T22:34:00.000-04:002008-10-03T22:34:00.000-04:00I am doing research on what I can do to protect ou...I am doing research on what I can do to protect our corporate network from the vulnerability side jacking/cookie stealing exploits. I want my users to be able to log into our network, authenticate against our radius server and be able to securely surf whatever websites and me not have to worry about session hijacking. Is it possible to lock down all wireless connections so once the user authenticates their credentials on LDAP it generates something like a random RSA Key to encrypt all wireless traffic passed between the device and AP? All points of view are welcome.Robhttps://www.blogger.com/profile/06256455018864294569noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-69224163472142949652008-05-10T04:09:00.000-04:002008-05-10T04:09:00.000-04:00Graham, Does this work if you dont use wi-fi netwo...Graham, <BR/>Does this work if you dont use wi-fi network. Suppose, I have a normal desktop and I cant sniff the traffic outside my netowrk. If i want to hack gmail account outside the network but somewhere on the internet , how do we do this.GKhttps://www.blogger.com/profile/09815647676301544602noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-73449986839764742872008-01-19T18:16:00.000-05:002008-01-19T18:16:00.000-05:00Hey thanks for the copy of Hampster. It was just w...Hey thanks for the copy of Hampster. It was just what I needed for my hacker expo today. <BR/><BR/>I wrote about netbios hacking in my June 4 post on:<BR/>http://AnEliteLeader.blogspot.com/2007/06/netbios-hacking-artcrime-of.html<BR/><BR/>I just thought your readers might find it interesting.AELhttps://www.blogger.com/profile/09574362202502489453noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-27965521252165405402007-12-10T21:21:00.000-05:002007-12-10T21:21:00.000-05:00Only certain network cards are supported. My Ralin...Only certain network cards are supported. <BR/><BR/>My Ralink internal card = not supported, <BR/>My Orinoco Gold = Supported partially<BR/><BR/>If you are not getting any output when visiting gmail etc then your cards are not supported. <BR/><BR/>Also I only get traffic for my local machine which is pointless to me, i thought I could test my network to check if it was vuln, This is what I mean when I say the Orinoco Gold is partially supported.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-74925402233136377272007-10-29T15:26:00.000-04:002007-10-29T15:26:00.000-04:00Dear mates,I HAVE GOT A PROBLEM AND HOPEFULLY ANYO...Dear mates,<BR/><BR/>I HAVE GOT A PROBLEM AND HOPEFULLY ANYONE COULD ADVISE ME or Mr. Graham, could you please advise me on that?<BR/><BR/>I have bought a USB WiFi adapter and connect to my home AP, trying to sniff the network traffic. <BR/><BR/>I start up another machine, this target is connected to the same AP as the sniffing laptop. However, my sniffing laptop could not capture any traffics from the target but with the following output only:<BR/><BR/>rdware/index/Linksys_Wireless-G_USB_Network_Adapter.htm&dc_aff_id=&keys=router;Networking%20product;so<BR/>=1;1;1;1;1;1&index=0&cbl=0&ab=0&onf=1&omk=1&resultNum=1&time=5500&dc_aff_id=&bt=1&mod=2&rId=564_119368<BR/>360733; imprs=11"<BR/>proto="MS-BROWSE", op="domain", domain="WORKGROUP", hostname="YOUR-CB5E0316B2", ip.src=[192.168.1.100]<BR/>ID-IP=[169.254.72.178], macaddr=[00:0e:35:b2:f6:32]<BR/>ID-MAC=[00:0e:35:b2:f6:32], ip=[169.254.72.178]<BR/>ID-IP=[192.168.1.100], Multicast-groups=[239.255.255.250], groupname="SSDP"<BR/>ID-IP=[169.254.72.178], name="YOUR-CB5E0316B2<00>", type="NetBIOS"<BR/>ID-MAC=[00:0e:35:b2:f6:32], proto="DHCP", op="Hostname", hostname="your-cb5e0316b2"<BR/>ID-MAC=[00:0e:35:b2:f6:32], System="Windows 2k/XP/..."<BR/>ID-IP=[192.168.1.1], macaddr=[00:18:39:cc:87:01]<BR/>ID-MAC=[00:18:39:cc:87:01], ip=[192.168.1.1]<BR/>proto="DHCP", server=[192.168.1.1], op="offer", leasetime=86400<BR/>proto="DHCP", server=[192.168.1.1], op="offer", router=[192.168.1.1]<BR/>proto="DHCP", server=[192.168.1.1], op="offer", dns-server=[61.10.1.146]<BR/>proto="DHCP", server=[192.168.1.1], op="offer", dns-server=[203.83.112.1]<BR/>proto="DHCP", server=[192.168.1.1], op="offer", dns-server=[203.83.113.1]<BR/>proto="DHCP", server=[192.168.1.1], op="offer", domainname="voip.hkcable.com.hk"<BR/>ID-MAC=[00:0e:35:b2:f6:32], proto="DHCP", op="Request-IP", ip=[192.168.1.101]<BR/>ID-MAC=[00:0e:35:b2:f6:32], Hostname="your-cb5e0316b2.", proto="DHCP", op="FQDN"<BR/>ID-IP=[192.168.1.101], macaddr=[00:0e:35:b2:f6:32]<BR/>ID-MAC=[00:0e:35:b2:f6:32], ip=[192.168.1.101]<BR/>ID-IP=[192.168.1.101], Multicast-groups=[239.255.255.250], groupname="SSDP"<BR/>ID-MAC=[00:12:17:5f:81:a0], proto="DHCP", op="Hostname", hostname="your-cb5e0316b2"<BR/>ID-MAC=[00:12:17:5f:81:a0], System="Windows 2k/XP/..."<BR/>ID-IP=[192.168.1.100], macaddr=[00:12:17:5f:81:a0]<BR/>ID-MAC=[00:12:17:5f:81:a0], ip=[192.168.1.100]<BR/><BR/>If I surf the web with my sniffing laptop, it could capture the traffics and cookies if I use the Built-in Wifi adapter (Intel) and USB Wifi adapter (Realtrek) at the same time.<BR/><BR/>What's going on with my setting, am I set something wrongly? <BR/><BR/>If my AP is hidding its SSID, will it be affected? If the target laptop connects to AP with its built-in Intel Pro wireless adapter, will it be okay?<BR/><BR/>I do feel thankful to all of your help and advices.<BR/><BR/>Regards,<BR/>Anthony Lai, Hong KongDark Floydhttps://www.blogger.com/profile/01457178333126304897noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-68651362030809785962007-10-11T17:57:00.000-04:002007-10-11T17:57:00.000-04:00Why I can't run hamster? I use Vista but there is ...Why I can't run hamster? I use Vista but there is some problem...<BR/>There is a screenshot<BR/>http://img468.imageshack.us/img468/915/problemax0.jpgUnknownhttps://www.blogger.com/profile/04853506188235380412noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-53122880209302393852007-08-30T22:34:00.000-04:002007-08-30T22:34:00.000-04:00Hi I was unsuccessful in trying to run this but I ...Hi<BR/> I was unsuccessful in trying to run this but I want to ensure that I'm doing it right. <BR/><BR/>1- Running at home with wpa. I wanted to ensure that it is capturing the wpa handshake so I disconnected client machine and reconnected. Does hamster and ferret work with a wirless wpa network, or strictly unauthenticated?<BR/><BR/>2. Would it work in a network which does captive portal where you need to sign on first?<BR/><BR/>3.I am using an atheros based wireless card. Not sure why you would need rfmon mode if you need to be authenticated to the network not running in promiscuous mode?<BR/><BR/>Anyone have thoughts on above?<BR/><BR/>Thank you<BR/>CraigCraighttps://www.blogger.com/profile/14975079085377149881noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-17863720493438058402007-08-29T15:43:00.000-04:002007-08-29T15:43:00.000-04:00Hi I finally got it working and it is Fantastic!! ...Hi I finally got it working and it is Fantastic!! For everyone start Ferret first and wait for it so show activity in the command window, it will create the hamster.txt file on it's own THEN start Hamster after Ferret finds something. I tried starting Hamster right after and it just kept saying it couldn't find Hamster.txt. IT WORKS and is a fantastic tool. Thanks and great presentation at DEFCON!! WOOT WOOTUnknownhttps://www.blogger.com/profile/12098776651483444580noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-56489033966446634072007-08-29T15:42:00.000-04:002007-08-29T15:42:00.000-04:00Hi I finally got it working and it is Fantastic!! ...Hi I finally got it working and it is Fantastic!! For everyone start Ferret first and wait for it so show activity in the command window, it will create the hamster.txt file on it's own THEN start Hamster after Ferret finds something. I tried starting Hamster right after and it just kept saying it couldn't find Hamster.txt. IT WORKS and is a fantastic tool. Thanks and great presentation at DEFCON!! WOOT WOOTUnknownhttps://www.blogger.com/profile/12098776651483444580noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-50410100890660159192007-08-23T04:56:00.000-04:002007-08-23T04:56:00.000-04:00Great job Robert! I am very happy to see that all ...Great job Robert! I am very happy to see that all is going fine for you and Errata. Everybody talk about you. Receive all my encouragement.<BR/>Cheers.<BR/>-ben. (from Paris)Unknownhttps://www.blogger.com/profile/07804648077616447435noreply@blogger.com