Side-Jacking with Hamster+Ferret

I’m going to show you how to use Hamster and Ferret to side-jack a Facebook account (I use my own) by capturing traffic and replaying it. These tools are simple but very powerful, and I will demo them to show just how insecure web browsing can be. Use them only in your test environment; I am not responsible for their misuse.

From Hamster’s readme:

Hamster is a tool for “sidejacking”. It acts as a proxy server that
replaces your cookies with session cookies stolen from somebody
else, allowing you to hijack their sessions.

Cookies are sniffed using the Ferret program.

From Ferret’s readme:

Ferret is a tool for sniffing and analyzing packets and pulling out
“interesting” information. It’s like ‘tcpdump’ in some ways, but it
doesn’t print a decode per packet. Instead, it only outputs when it
has something interesting to show. This might be several lines of
text for a single packet, and nothing for thousands more packets.

Let us begin…

Get the Hamster and Ferret source code and unzip it. There are also MS Windows binaries available, if you’re into that sort of thing. :)

$ wget
$ sudo pacman -S zip unzip
$ unzip

Build the tools

$ cd ../../ferret/build/gcc4
$ make
$ cd ../../bin
$ cd hamster/build/gcc4
$ make

Launch the hamster proxy and configure your web browser to use hamster as its proxy.

$ cd ../../bin/
$ ./hamster
$ chromium --proxy-server

Point your web browser to and tell hamster to use a network interface; eth0 or wlan0 are common. The interface must be in, or allow, promiscuous mode. You might need to set this up beforehand on some systems.



Once you are set up, generate some traffic by browsing around on your local machine or on an unencrypted WiFi connection to test the functionality of hamster and ferret. If you are using one machine, having two web browsers is helpful. Here is a video showing off the attack.

To protect against this sort of attack, always use encryption on your wireless communications. An unencrypted WiFi signal at your local coffee shop could mean the loss of your personal data.
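On the server side, a replayed session cookie shows up as one session ID arriving from more than one client. The following is an added example (not part of the original post, and not code from Hamster or Ferret) that flags this in access-log records; the log format, the `sid` field name and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not real traffic). Assumed format:
# <client-ip> "<user-agent>" sid=<session-id> "<request line>"
SAMPLE_LOG = '''\
192.0.2.10 "Mozilla/5.0 (X11; Linux x86_64) Firefox" sid=a1f3c9 "GET /home HTTP/1.1"
192.0.2.10 "Mozilla/5.0 (X11; Linux x86_64) Firefox" sid=a1f3c9 "GET /messages HTTP/1.1"
192.0.2.77 "Mozilla/5.0 (X11; Linux x86_64) Chrome" sid=a1f3c9 "GET /messages HTTP/1.1"
198.51.100.4 "Mozilla/5.0 (Windows NT 10.0) Edge" sid=77be02 "GET /home HTTP/1.1"
malformed line without the expected fields
'''

LINE_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<ua>[^"]*)" sid=(?P<sid>\w+) "(?P<req>[^"]*)"$'
)


def parse(log_text):
    """Yield (ip, user_agent, session_id) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # lines that do not match the assumed format are skipped
            yield m["ip"], m["ua"], m["sid"]


def shared_sessions(log_text):
    """Return {session_id: sorted client fingerprints} for every session
    that was seen from more than one (ip, user-agent) pair."""
    clients = defaultdict(set)
    for ip, ua, sid in parse(log_text):
        clients[sid].add((ip, ua))
    return {sid: sorted(fp) for sid, fp in clients.items() if len(fp) > 1}


if __name__ == "__main__":
    for sid, fingerprints in shared_sessions(SAMPLE_LOG).items():
        print(f"session {sid} used by {len(fingerprints)} distinct clients:")
        for ip, ua in fingerprints:
            print(f"  {ip}  {ua}")
```

A client that roams between networks also changes IP address, so treat a hit as a reason to force re-authentication of that session rather than as proof of hijacking.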


Tony is a system administrator from Seattle, WA. He specializes in secure, minimal, Linux installations.
