Monday, January 7, 2008


The Cookie Tools 0.3
This project includes two tools:

* cookiesniffer is a simple and powerful cookie sniffer that recognizes (through heuristics) and reconstructs (through libnids) new and existing HTTP connections, parsing any valid or partially valid HTTP message. The output is a set of files containing the gathered information with time-stamps in a format that can be trivially searched and parsed with standard UNIX tools such as grep, awk, cut and sed. It supports wireless (AP_DLT_IEEE802_11) networks.
* cookieserver lets you to impersonate the cookies of someone else in your browser using the logs of cookiesniffer (in few seconds). This attack is also called "side-jacking", "cookie replay attack" and "HTTP session hijacking" but probably I'm missing other fancy names. This is something known from ten years but that is still (too much) effective.

download and info