The Cookie Tools v0.3 -- first public release

From: michele dallachiesa (michele.dallachiesa@gmail.com)
Date: Mon Dec 10 2007 - 08:45:55 EST

• Next message: daniel martin gomez: "[tool] Announcing dradis"
• Previous message: Clone: "Re: SMTP Pen Test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

hi,
I would like to announce you the first public release of The Cookie
Tools project!

included tools:

** cookiesniffer **
cookiesniffer is a simple and powerful cookie sniffer that recognizes
(through heuristics) and reconstructs (through libnids) new and
existing HTTP connections, parsing any valid or partially valid HTTP
message. The output is a set of files containing the gathered
information with time-stamps in a format that can be trivially
searched and parsed with standard UNIX tools such as grep, awk, cut
and sed. It supports wireless (AP_DLT_IEEE802_11) networks.

** analyzers **
this set of Bash scripts help you to analyze quickly the logs of cookiesniffer.

** cookieserver **
with cookieserver you can impersonate the cookies of someone else in
your browser using the logs of cookiesniffer (in few seconds). This
attack is also called "side-jacking", "cookie replay attack" and "HTTP
session hijacking" but probably I'm missing other fancy names. This is
something known from ten years but that is still (too much) effective.

This project is released under license GPL version 2.

Download:
http://xenion.antifork.org/cookietools/index.html

A list of public vulnerable web services is available here:
http://xenion.antifork.org/cookietools/lista/index.html
If you know other vulnerable services, mail me and i'll add them to
the VULN list.
If you know some not vulnerable services, mail me and i'll add them to
the SECURE list.
Use "COOKIETOOLS LISTA" as subject to skip my spam filters.

why HTTPS is not the default in this type of services? this is a big
silent hole. maybe, today is less silent :)

Cheers,

-- 
Michele Dallachiesa 'xenion' http://xenion.antifork.org
Antifork Research, Inc.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------

• Next message: daniel martin gomez: "[tool] Announcing dradis"
• Previous message: Clone: "Re: SMTP Pen Test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:14 EDT