View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000556Kali LinuxNew Tool Requestspublic2013-08-29 09:362020-02-10 14:49
Reportersaberzaid Assigned To 
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status closedResolutionwon't fix 
Summary0000556: CookieCatcher - Session Hijacking Tool
Description

CookieCatcher is an open source application which was created to assist in the exploitation of XSS (Cross Site Scripting) vulnerabilities within web applications to steal user session IDs (aka Session Hijacking). The use of this application is purely educational and should not be used without proper permission from the target application.

Features:

  • Prebuilt payloads to steal cookie data
  • Just copy and paste payload into a XSS vulnerability
  • Will send email notification when new cookies are stolen
  • Will attempt to refresh cookies every 3 minutes to avoid inactivity timeouts
  • Provides full HTTP requests to hijack sessions through a proxy (BuRP, etc)
  • Will attempt to load a preview when viewing the cookie data
  • PAYLOADS
  • Basic AJAX Attack
  • HTTPONLY evasion for Apache CVE-20120053
  • More to come

download:

https://github.com/DisK0nn3cT/CookieCatcher

Activities

g0tmi1k

g0tmi1k

2018-01-29 14:49

administrator   ~0008373

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?
g0tmi1k

g0tmi1k

2020-02-10 14:49

administrator   ~0012092

Hasn't been updated since 2013

Issue History

Date Modified Username Field Change
2013-08-29 09:36 saberzaid New Issue
2018-01-29 14:49 g0tmi1k Note Added: 0008373
2019-12-09 13:30 g0tmi1k Severity minor => feature
2020-02-10 14:49 g0tmi1k Note Added: 0012092
2020-02-10 14:49 g0tmi1k Status new => closed
2020-02-10 14:49 g0tmi1k Resolution open => won't fix