Once you have their log, use their token as explained in Usage. One good trick to get a fresh log from them might be to pretend that you are a developer and that you need their log to fix a bug they have. Old logs will not work, they have already been invalidated. In order to steal the session of an admin, you need a fresh launcher log from them. They are meant to indicate that you did something wrong, not that the hack is broken.Īnd that's all you need to steal anyone's session! Simple, right? That's because this Session Stealer is designed to be as simple and user-friendly as possible. Please do not open a bug report if you get one of these errors. There are some other error messages that could come up, but they are pretty rare and totally self-explanatory. Try a different one.”) or you didn't correctly paste the token into the text field (“That is not a session token!”).
If you get an error, then the token has either been invalidated (“This token doesn't work anymore. Then you press the Steal Session button and, if the token is still valid, you're good to go. And that's because you are supposed to paste the random letters and numbers (highlighted in the above example) into that text field.
You might have noticed that the text field in the Session Stealer says the same thing. (Session ID is token: AWholeLotOfLettersAndNumbers:MoreRandomLettersAndNumbers)
