Hi, I'm trying to sidejack my yahoo.com email account. I go into kali, start wireshark, login to my mail, and save the wireshark capture to MyLogin.pcap.

I then clear all browser (iceweasel) history, start Ferret with -r MyLogin.pcap, start hamster, set my browser to use 127.0.0.1:1234 as a proxy (for all protocols) and go to http://hamster.

I can select my ip addr and see all the captured cookies. If I click on www.yahoo.com, this diverts to https://www.yahoo.com and I get "Server not found" in Iceweasel. It's the same for any site that diverts to https. If the site stays on http I'm fine.

If I then try and get to any https site directly in Iceweasel I get the same "Server not found" error until I turn off the hamster proxy.

I really want to get this sidejacking working, is there any solution to this please? I've been trying for about six hours so far today.

Thx a lot for any help, HT.

Hey all, I'm working on a challenge to extract as much info from a pcap file as possible.

The file definitely shows the user was in yahoo mail and I think that's the target.

Yahoo is all https now, so is it possible to hijack the account (it's a test account, not someones personal mail) with the cookie in the pcap file?

Apols if this is a really dumb question, I'm a total noob.

Cheers, HT.