am working on this at the moment...if anyone want to try it for bugs or you would like to see something added etc
the main use of the program is to analyse whats sent and to give out the full url path...and to analyse cookie data to perhaps used to create a crafted URL
i think i will expand it further having added the
cookie
hints
browser
capture
i modified the original Formsniffer code and corrected some minor errors i found in the code also modified the interface (free souce code)
FS3 a program to analyse date being sent across the net
---------------
getting started
---------------
create a folder and unzip , run from folder or a shortcut to your desktop
tested on winXP Pro
files:
FS3.exe 24kb
help.txt 4kb
fs3.jpg 142kb
**********************************************
THIS PROGRAM WORKS WITH IE ONLY for the moment
**********************************************
see COOKIE section First !!!!!!!!!!
*************
MAIN PROGRAM:
*************
(1) browser to your page you want to sniff for example: http://www.somesite/login.asp
(2) start FS3 and click the select Browser window arrow ...and select login page ....it will activate the sniffer !!!
(3) enter your user and password and press the login button on the page
(4) this data should now be visible in FS3 for analysis
(5) use the slidebar to view previous captured data
(6) cut and paste to a browser your reformed url
*****************
Cookies IMPORTANT
*****************
#### IN ORDER TO CAPTURE COOKIES FROM THE START YOU MUST START COOKIE SNIFFER *** FIRST AND Minimize its window !!!! ****
CLICK CACHE AND PROCEED to start cookie sniffer #####
----------------------------------------------------------------
once a new cookie is deposited you will be notified by a message
*********** "YOU dont have to use the COOKIE sniffer.... YOU can use the form sniffer by its SELF" *******************
BUT using this program gives you the instant alert a site has uploaded a cookie...so you know what site is up to no good
anyway i think you understand
..
well if you logged in after the above steps and cookie options were enabled then you can browse to the directory to analyse your cookie content.
not only that this will disaplay temp folders,files , cookies, etc
cookies can be used for many things.... also can be used to access a site posing as some admin
providing you know how to craft your Url's and spoof your way in
(dont ask me how...read up on it ...i had to ..HINT::: see XMB FORUM EXPLOIT PAPER then you get the idea)
http://www.how-to-ha.../xmbexploit.txt
there are plenty of papers and tools about cookie stealing and uses and tips to avoid them being stolen .... search for them ?????
*****
Hints
*****
we these will give you some idea's about this tool
for instance you could use this tool to create SQL attacks or to find file paths to targets.. ie (validate files and scripts)
you could also use the form to craft your own url using cookies to try bypass the login screens etc
another thing you might be able to index the server by revealing full paths to scripts etc
test your own login screen....see what yoursite reveals you might be suprised with your path on view to some php,.pl,cgi script
Now in the image i have provided you could try to manipulate the url to gain access or preform SQL attack and inject some code or it could lead you to config,database info plus more
how you use it depends on what you know
********
Snapshot
********
what it says... it will ONLY take one snapshot at a time and WILL overwrite a previous snapshot to save space !!!!!!
so IF you want to take several...you will have to rename the image.bmp in the exe folder
*******
regards
ComSec
http://www.how-to-hack.org
19/1/2004
screenshot:
Attached Files
-
fs3.jpg 139.01K
209 downloads
