Firesheep – Social Network Session Stealing/Hijacking Tool

A huge moving ridge has been made past times this tool inwards the mainstream media this calendar week equally it makes session stealing/hijacking a click in addition to larn procedure. It was released at Toorcon 12 in addition to is only a Firefox Add-on.
Stealing sessions/passwords in addition to thus on is something we’ve been able to exercise for a LONG fourth dimension using Firesheep: Making the Complicated Trivial

Firesheep hacks into Facebook, Twitter

Firesheep sniff tool prompts Facebook warning

‘Firesheep’ on Firefox could locomote used for b-a-a-d

Lazy Hackers Unite: Firesheep Boasts +104,000 Downloads In 24 Hours

I await you lot already know how to protect yourself from this form of attack, but if you lot don’t…use a VPN whenever you lot are on a world Wifi spot! If you lot don’t convey VPN access or can’t locomote arsed to laid 1 upward exactly brand certain you lot strength SSL/TLS on every site you lot surf – but exercise banking concern notation to protect against this attack, you lot convey to encrypt the entire session in addition to non exactly the initial authentication.
Google has a secure search option equally good hither – https://encrypted.google.com/
You tin john detect the slides from the Toorcon 12 presentation here:
Hey Web 2.0: Start protecting user privacy instead of pretending to
Requirements
Windows users are required to install WinPcap.
You tin john download Firesheep v0.1 here:
firesheep-0.1-1.xpi
Or read to a greater extent than here.

Share This :