Episode 412 — Session Hijacking and Virtualizing Servers

Session Hijacking with a Pineapple, Hamster and Ferret and cell phone? A free and easy way to virtualize physical servers! And is WPA Broken? Ikea clusters, screencasting, and canvas technolust.

Show Notes

Is WPA Broken? Interesting stuff coming out of PacSec this year. Ars has a great writeup about it, or check out Martin Beck and Erik Tews’ paper Practical attacks against WEP and WPA (PDF). There is a proof of concept tool available from the Aircrack-NG folks. Take a look at Tkiptun-ng. At the time of writing the tool is not fully functional. Something to keep an eye on.

Steve P. writes to us about the Helmer Beowulf cluster. This 6xCore2Quad is sure to make any geek smile. Kitty approved too! While stuffing a personal cluster into an Ikea cabinet is novel in and of itself, the mad scientist behind it has thought up some insane cluster designs, including the 50 tflop Helmer 2 and the 4 pflop Helmer 3. All I can say is I want one. Thanks for the links, Steve.

Darren enjoys a Bondages’ No Problem while Matt and Shannon stick with the margaritas.

More importantly, Darren talks about session hijacking and demos a tool from Errata Security called Hamster and Ferret. In conjunction with the latest 2.0 build of Jasager, an ICS’d EVDO connection and Tftpd32, we’re able to “sidejack” with our little man-in-the-middle setup. Lesson learned? Be suspicious of any wifi. Check for signatures of trusted networks and tunnel your traffic. We’ll come back to this topic with a more in-depth segment on Jasager detection and traffic encryption soon.
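Sidejacking depends on session cookies crossing the network in cleartext, so on the site-owner side the matching check is whether session cookies carry the Secure attribute. The snippet below is an added example, not from the episode or from Errata Security's tools; the hosts, cookie names and the name-based session heuristic are constructed assumptions.

```python
# Added example: audit Set-Cookie headers for session cookies that a
# passive sniffer on shared wifi could read off cleartext HTTP.
from http.cookies import SimpleCookie

# Constructed sample data: URL -> Set-Cookie header values it returned.
SAMPLE_RESPONSES = {
    "http://webmail.example/login": [
        "PHPSESSID=abc123; Path=/",
        "theme=dark; Path=/",
    ],
    "https://bank.example/login": [
        "sid=def456; Path=/; Secure; HttpOnly",
        "lang=en; Path=/; Secure",
    ],
}

# Assumption: cookies whose names contain these fragments hold sessions.
SESSION_HINTS = ("sess", "sid", "auth")


def looks_like_session(name):
    lowered = name.lower()
    return any(hint in lowered for hint in SESSION_HINTS)


def audit(responses):
    """Return (url, cookie_name, problems) for exposed session cookies."""
    findings = []
    for url, headers in responses.items():
        for header in headers:
            cookie = SimpleCookie()
            cookie.load(header)
            for name, morsel in cookie.items():
                if not looks_like_session(name):
                    continue
                problems = []
                if not morsel["secure"]:
                    problems.append("missing Secure")
                if not morsel["httponly"]:
                    problems.append("missing HttpOnly")
                if url.startswith("http://"):
                    problems.append("set over cleartext HTTP")
                if problems:
                    findings.append((url, name, problems))
    return findings


if __name__ == "__main__":
    for url, name, problems in audit(SAMPLE_RESPONSES):
        print(f"{url}: {name}: {', '.join(problems)}")
```
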

A note on trivia. Please answer trivia questions on the Hak5 forums from now on. We would love to continue doing dual winners but with growing prize costs we cannot. Also, if you’re interested in volunteering to help with trivia code challenges, lend a hand in the Dev5 board.

Matt shows us how to convert a physical server into a virtual server locally using the free VMware converter tool and talks about some of the concerns you must consider when preparing to virtualize. If you have virtualization questions hit up Matt and we’ll cover ’em on future segments. Matt at Hak5 d0t org.

Alex W. writes with a question about screen recording. We highly recommend the open source Camstudio as well as FRAPS and Techsmith’s Camtasia Studio (warning: sticker shock may occur at techsmith.com). Paul (our “camera guy”) suggests checking out the new screen capturing functionality of the latest version of VLC, especially if you’re on the Linux or Mac side.

As always we’d love to hear your feedback. Your questions, comments or concerns can be directed to [email protected]. And lastly we’d like to thank Nikki Colp for the amazing Hak5 painting. We have it prominently displayed in our living room. You can watch it (and us) live 24×7 at HakHouse.com. It’s a crazy interactive project we’re working on. Just wait ’till we get the web-enabled robots up in there. 😉

Trust your Technolust


  • Bithunt3r

    I have used Wink [http://en.wikipedia.org/wiki/Wink_(tutorial_software)] before, it is available for Windows and Linux. There is something called Istanbul [http://live.gnome.org/Istanbul] for Linux.

  • El Di Pablo

    I’m a little hurt to not have received a shout out for the Jasager portion Darren. I ran into you at Toorcon, and told you I was doing my final report for college using jasager and Sidejacking. I even posted about my idea in the forums here: http://is.gd/8fqJ

    What gives?


  • El Di Pablo

    Hamster/Ferret don’t work with https by the way. You guys mentioned account transfers, and secure websites using browser cookies, which is true, but Hamster and Ferret can’t sidejack those…

    You can however still use Cain and Abel with arp poisoning to capture passwords from SSL encrypted sites and run them against a rainbow table… Maybe that can be in a future episode though.


  • David

    Maybe you’ve covered this, but I’ve searched the forums, where did you say you purchased the FON2100? All I see is FON2201B routers. Will those work?

  • Mike Chelen

    @EDP – Don’t be upset as a researcher, but as a viewer, because it was harder for us to track down info about the story =P
    Also, the blog, forum, and separate rev3 forum are a little splintered and disorganized. Don’t be too upset if they mess up on stuff like this from time to time, because it still increased awareness and interest in the issue.
    BTW That last method you mention is fascinating, and would be an excellent topic to explore.

  • El Di Pablo


    I of course am always up for spreading awareness. Just being selfish I guess. Still, they give shout outs to other forum goers all the time, would have been nice to have been recognized that’s all 🙂

  • Darren

    @EDP, dude I totally remember you from Toorcon. I just found the thread about your college report. Way to go on the A dude. But more to the point I wish I had seen the thread before shooting cause I would have most definitely given you a shout out.

    A similar thing happened last episode too with the Helmer cluster thing. I had credited Steve P. (Shadowfox) for emailing me about it but it seems Tom E. (Ghost) had also sent it to me in another form of communication (probably the forum, IRC or IM). Ghost emailed me about the mistake.

    I’ll have to mention this in the next ep. Any chance to pimp http://www.bauer-power.net 🙂

    Hope things are going well for you. You going to Shmoocon?

  • El Di Pablo


    Hey, thanks for stopping by the blog and leaving the comment! I really appreciate it.

    You don’t have to pimp Bauer-Power on the next ep if you don’t want to… but if you are going to anyway, then don’t let me stop you 😉

    Thanks for taking the time to respond 🙂 You guys really do have a great show with lots of info.

