Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Related tags

Security related resourcesjavascriptcookiespython3bypassingsession-storesession-cookieauthentication-backendmitm-attackscookie-authenticationhijack-jsmaninthemiddleattack2factorsession-stealercookie-stealerinject
Overview

[SxNade Python Version Maintenance Stage [Update Ask Me Anything ! Discord

Big-Papa

Capture

Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

IN ACTION

Capture

The Higlighted data is the cookie of ongoing admin session on a router(gateway)

Now we can use something Like Burpsuite to Load the cookies and Hijack the admin session

๐—œ๐—ก๐—ฆ๐—ง๐—”๐—Ÿ๐—Ÿ๐—”๐—ง๐—œ๐—ข๐—ก ๐—œ๐—ก๐—ฆ๐—ง๐—ฅ๐—จ๐—–๐—ง๐—œ๐—ข๐—ก๐—ฆ

1 chmod +x install.sh

2 ./install.sh

PLease Note that you need to edit the Javascript File to your own Local IP address

Capture

How Does it work?

Big-Papa utilizes malicious javascript code injection...and then makes a GET Request(with cookies) to the Python Web server running on the attacker machine

Note That you need to be man in the middle in order to inject the malicious javascript Code and then steal cookies of the website that the victim is currently visting

For testing purposes copy the Javascript code from the bgp.js file without the script tags and execute in the console of the browser

You can use Bettercap in-order to become man-in-the-middle using bettercap or use arp spoof and then run Big-Papa to inject Javascript

For HTTPS?

Big-Papa will work Perfectly against HTTP websites but For HTTPS you can use sslstrip to Downgrade it to HTTP and then utilize Big-Papa

*SSLstrip --> https://github.com/moxie0/sslstrip.git

Still some websites use HTTP and thus their data including Passwords can be read in Clear text but we need to steal cookies in some cases in order to Bypass 2-Factor-Authentication

๐•Œโ„™๐”ป๐”ธ๐•‹๐”ผ

There were problems with writing code for javscript injector due to ongoing problems with netfilterqueue installation

BUT YOU CAN STILL USE BETTERCAP TO BECOME MAN IN THE MIDDLE AND ALSO INJECT JAVASCRIPT CODE USING BETTERCAP

*INSTALL BETTERCAP AS FOLLOWS

sudo apt install bettercap

Then you can run Big-Papa to capture cookies

You can manually perform the mitm attack and then inject the Javascript code with Big-Papa.py script runnning along

A new feature to mail the captured cookies to user specified e-mail will be added soon...

๐‘ด๐‘จ๐‘ฒ๐‘ฌ_๐‘ฐ๐‘ป_๐‘ฉ๐‘ฌ๐‘ป๐‘ป๐‘ฌ๐‘น

To make Big-Papa Even Better Contribute to it Or use and Report Any Bugs or fixes Required..

git clone https://github.com/SxNade/Big-Papa

Owner
๐ŸŒŒ โ€œCreate Don't Hateโ€๐Ÿš€๐Ÿš€
GitHub Repository
DoSer.py - Simple DoSer in Python

DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this

1 Oct 12, 2021
log4j2 passive burp rce scanning tool get post cookie full parameter recognition

log4j2_burp_scan ่‡ช็”จ่„šๆœฌlog4j2 ่ขซๅŠจ burp rceๆ‰ซๆๅทฅๅ…ท get post cookie ๅ…จๅ‚ๆ•ฐ่ฏ†ๅˆซ๏ผŒๅœจceye.io api้€Ÿ็Ž‡้™ๅˆถไธ‹๏ผŒๆœ€ๅคง็บฟ็จ‹ๆ‰ซๆๆฏไธ€ไธชๅ‚ๆ•ฐ๏ผŒ่ฎฐๅฝ•่ฟ‡ๆปคๅทฒๆฃ€ๆต‹ๅœฐๅ€๏ผŒ้‡ๅคๅœฐๅ€ tokenๆ›ฟๆขไธบไฝ ่‡ชๅทฑ็š„http://ceye.io/ token ๅ’ŒๅŸŸๅๅœฐๅ€

5 Dec 10, 2021
Moodle community-based vulnerability scanner

badmoodle Moodle community-based vulnerability scanner Description badmoodle is an unofficial community-based vulnerability scanner for moodle that sc

Michele Di Bonaventura 11 Dec 22, 2022
Dumping revelant information on compromised targets without AV detection

DonPAPI Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI (link ) We a

Login Securite 580 Jan 09, 2023
CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight;

CloakifyFactory CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of

3 Oct 18, 2022
Infection Monkey - An automated pentest tool

Infection Monkey Data center Security Testing Tool Welcome to the Infection Monkey! The Infection Monkey is an open source security tool for testing a

Guardicore Ltd. 6k Jan 09, 2023
Archive-Crack - A Tools for crack file archive

Install In TERMUX apt update && apt upgrade -y pkg install python git unrar

X - MrG3P5 10 Oct 06, 2022
A proxy for asyncio.AbstractEventLoop for testing purposes

aioloop-proxy A proxy for asyncio.AbstractEventLoop for testing purposes. When tests writing for asyncio based code, there are controversial requireme

aio-libs 12 Dec 12, 2022
Cve-2021-22005-exp

cve-2021-22005-exp 0x01 ๆผๆดž็ฎ€ไป‹ 2021ๅนด9ๆœˆ21ๆ—ฅ๏ผŒVMwareๅ‘ๅธƒๅฎ‰ๅ…จๅ…ฌๅ‘Š๏ผŒๅ…ฌๅผ€ๆŠซ้œฒไบ†vCenter Serverไธญ็š„19ไธชๅฎ‰ๅ…จๆผๆดž๏ผŒ่ฟ™ไบ›ๆผๆดž็š„CVSSv3่ฏ„ๅˆ†่Œƒๅ›ดไธบ4.3-9.8ใ€‚ ๅ…ถไธญ๏ผŒๆœ€ไธบไธฅ้‡็š„ๆผๆดžไธบvCenter Server ไธญ็š„ไปปๆ„ๆ–‡ไปถไธŠไผ ๆผๆดž(CVE-20

Jing Ling 146 Dec 31, 2022
CVE-2021-26855: PoC (Not a HoneyPoC for once!)

Exch-CVE-2021-26855 ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker b

ZephrFish 24 Nov 14, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

3 Feb 20, 2022
This repository will contain python scripts for hackers and pentesters

This repository will contain python scripts for hackers and pentesters. stop being limited with availble tools. Build your own.

0xTRAW 24 Nov 29, 2022
Get related domains / subdomains by looking at Google Analytics IDs

DomainRelationShips โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆ

Josuรฉ Encinar 161 Jan 02, 2023
Log4j vuln fuzz/scan with python

Log4jFuzz log4j vuln fuzz/scan USE // it's use localhost udp server to check target vuln. python3 log4jFuzz.py [option] optional arguments: -u URL,

VVzv 3 Dec 22, 2021
PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

Akshay Vs 44 Nov 18, 2022
Detection tool of malware(s) by checksum (useful for forensic)

๐Ÿ malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) ๐Ÿ“ฆ Dependencies installation $ pip3 install -r requirements.txt

Fayred 1 Jan 30, 2022
ๅคงๅฎๅ‰‘-ไฟกๆฏๆ”ถ้›†ๅ’Œ่ต„ไบงๆขณ็†ๅทฅๅ…ท๏ผˆ็บข้˜Ÿใ€่“้˜Ÿใ€ไผไธš็ป„็ป‡ๆžถๆž„ใ€ๅญๅŸŸๅใ€Web่ต„ไบงๆขณ็†ใ€WebๆŒ‡็บน่ฏ†ๅˆซใ€ICON_Hash่ต„ไบงๅŒน้…๏ผ‰

ๅคงๅฎๅ‰‘-ไฟกๆฏๆ”ถ้›†ๅ’Œ่ต„ไบงๆขณ็†ๅทฅๅ…ท๏ผˆ็บข้˜Ÿใ€่“้˜Ÿใ€ไผไธš็ป„็ป‡ๆžถๆž„ใ€ๅญๅŸŸๅใ€Web่ต„ไบงๆขณ็†ใ€WebๆŒ‡็บน่ฏ†ๅˆซใ€ICON_Hash่ต„ไบงๅŒน้…๏ผ‰

Wolf Group Security Team 835 Jan 05, 2023
Mr.Holmes is a information gathering tool (OSINT)

๐Ÿ” Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t

534 Jan 08, 2023
IDA Python Script for anti ollvm

IDA Python Script for anti ollvm

Shocker 62 Dec 23, 2022
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Astro 9 Sep 27, 2022