Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Last update: Jan 03, 2023

Overview

[ [

Big-Papa

Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

IN ACTION

The Higlighted data is the cookie of ongoing admin session on a router(gateway)

Now we can use something Like Burpsuite to Load the cookies and Hijack the admin session

𝗜𝗡𝗦𝗧𝗔𝗟𝗟𝗔𝗧𝗜𝗢𝗡 𝗜𝗡𝗦𝗧𝗥𝗨𝗖𝗧𝗜𝗢𝗡𝗦

1 chmod +x install.sh

2 ./install.sh

PLease Note that you need to edit the Javascript File to your own Local IP address

How Does it work?

Big-Papa utilizes malicious javascript code injection...and then makes a GET Request(with cookies) to the Python Web server running on the attacker machine

Note That you need to be man in the middle in order to inject the malicious javascript Code and then steal cookies of the website that the victim is currently visting

For testing purposes copy the Javascript code from the bgp.js file without the script tags and execute in the console of the browser

You can use Bettercap in-order to become man-in-the-middle using bettercap or use arp spoof and then run Big-Papa to inject Javascript

For HTTPS?

Big-Papa will work Perfectly against HTTP websites but For HTTPS you can use sslstrip to Downgrade it to HTTP and then utilize Big-Papa

*SSLstrip --> https://github.com/moxie0/sslstrip.git

Still some websites use HTTP and thus their data including Passwords can be read in Clear text but we need to steal cookies in some cases in order to Bypass 2-Factor-Authentication

𝕌ℙ𝔻𝔸𝕋𝔼

There were problems with writing code for javscript injector due to ongoing problems with netfilterqueue installation

BUT YOU CAN STILL USE BETTERCAP TO BECOME MAN IN THE MIDDLE AND ALSO INJECT JAVASCRIPT CODE USING BETTERCAP

*INSTALL BETTERCAP AS FOLLOWS

sudo apt install bettercap

Then you can run Big-Papa to capture cookies

You can manually perform the mitm attack and then inject the Javascript code with Big-Papa.py script runnning along

A new feature to mail the captured cookies to user specified e-mail will be added soon...

𝑴𝑨𝑲𝑬_𝑰𝑻_𝑩𝑬𝑻𝑻𝑬𝑹

To make Big-Papa Even Better Contribute to it Or use and Report Any Bugs or fixes Required..

git clone https://github.com/SxNade/Big-Papa

Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Related tags

Overview

Big-Papa

IN ACTION

𝗜𝗡𝗦𝗧𝗔𝗟𝗟𝗔𝗧𝗜𝗢𝗡 𝗜𝗡𝗦𝗧𝗥𝗨𝗖𝗧𝗜𝗢𝗡𝗦

How Does it work?

For HTTPS?

𝕌ℙ𝔻𝔸𝕋𝔼

𝑴𝑨𝑲𝑬_𝑰𝑻_𝑩𝑬𝑻𝑻𝑬𝑹

Owner

A small POC plugin for launching dumpulator emulation within IDA, passing it addresses from your IDA view using the context menu.

SubFind - Subdomain Finder Tools

A hack for writing switch statements with type annotations in Python.

Python script that sends CVE-2021-44228 log4j payload requests to url list

Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1

Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.

Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.

Cve-2021-22005-exp

A Telegram Bot to force users to join a specific channel before sending messages in a group.

A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

A simple linux keylogger project.

A Python & JavaScript Obfuscator made in Python 3.

👑 Discovery Header DoD Bug-Bounty

An All-In-One Pure Python PoC for CVE-2021-44228

使用golang重写开源工具wafw00f

A proxy for asyncio.AbstractEventLoop for testing purposes

Simple tool to create passwords.

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit