Recently mozilla add on namely " FireSheep" is used for hack thousands of email accounts . As reported by techcurnch, Firesheep has been downloaded more than 104,000 times in roughly within 24 hours.
How?
The Firesheep uses HTTP Session Hijacking to gain the username and password.
What is HTTP Session Hijacking?
Attacker use HTTP session Hijacking to steal the cookies from victim. Cookies are file which contains the password and username .
Using this HTTP Session Hijacking method you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account.
How to use this Firesheep to steal the cookies?
You will need this requirements:
Step 1:
Download the Firesheep file.
Right click on the file and select "Open With"
and select Mozila Firefox.
Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebarand click on Firesheep
What is the Special in FireSheep?
Using FireSheep add on you can control any account without knowing the username and password . The Social Network giant Facebook is victim of this Firesheep.
Using FireSheep add on you can control any account without knowing the username and password . The Social Network giant Facebook is victim of this Firesheep.
How?
The Firesheep uses HTTP Session Hijacking to gain the username and password.
What is HTTP Session Hijacking?
Attacker use HTTP session Hijacking to steal the cookies from victim. Cookies are file which contains the password and username .
Using this HTTP Session Hijacking method you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account.
How to use this Firesheep to steal the cookies?
You will need this requirements:
- Public wifi access
- winpcap
- Firesheep(Download)
Step 1:
Download the Firesheep file.
Right click on the file and select "Open With"
and select Mozila Firefox.
Step 2:
Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebarand click on Firesheep
Step 3:
Now click on the top left button "Start capturing" and it will start to capture the session cookies of people in your wifi network, This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep, Double click on the photo and you will be logged in instantly
courtesy - breakthesecurity.com
0 comments:
Post a Comment