Recently mozilla add on namely " FireSheep" is used for hack thousands of email accounts . As reported by techcurnch, Firesheep has been downloaded more than 104,000 times in roughly  within 24 hours.


What is the Special in FireSheep?
 Using FireSheep add on you can control any account without knowing the username and password . The Social Network giant Facebook is victim of this Firesheep.


How?
The Firesheep uses HTTP Session Hijacking to  gain the username and password.

What is HTTP Session Hijacking?
Attacker use HTTP session Hijacking to steal the cookies from victim.  Cookies are file which contains the password and username .

Using this HTTP Session Hijacking method you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account.

How to use this Firesheep to steal the cookies? 
 You will need this requirements:


Step 1:
Download the Firesheep file.
Right click on the file and select "Open With"
and select Mozila Firefox.




Step 2:

Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebarand click on Firesheep


Step 3:                                                                                                                                                 
Now click on the top left button "Start capturing" and it will start to capture the session cookies of people in your wifi network, This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep, Double click on the photo and you will be logged in instantly

courtesy - breakthesecurity.com


0 comments:

Post a Comment

About this blog

Powered by Blogger.

Archive

Blog Archive