‘The Cookie Tools’

Summary

Credit:

‘The information has been provided by michele dallachiesa.
To keep updated with the tool visit the project’s homepage at: http://xenion.antifork.org/cookietools/index.html


Details

‘The cookie tool project includes two tools:
 * cookiesniffer is a simple and powerful cookie sniffer that recognizes (through heuristics) and reconstructs (through libnids) new and existing HTTP connections, parsing any valid or partially valid HTTP message. The output is a set of files containing the gathered information with time-stamps in a format that can be trivially searched and parsed with standard UNIX tools such as grep, awk, cut and sed. It supports wireless (AP_DLT_IEEE802_11) networks.

 * cookieserver lets you to impersonate the cookies of someone else in your browser using the logs of cookiesniffer (in few seconds). This attack is also called ‘side-jacking’, ‘cookie replay attack’ and ‘HTTP session hijacking’ but probably I’m missing other fancy names. This is something known from ten years but that is still (too much) effective.’

Categories: Tools