Firesheep [Social Engineering]

Posted In Info - By Mohseen On Monday, August 20th, 2012 With 1 Comment

//
//

Firesheep is a social engineering tool that enables you to login to a victims account using collected cookies through public wifi hotspots or your PC.

firesheep

 

Fire Sheep is a Firefox plugin that hijacks sessions, enabling us to use an account without knowing the password.

The security flaw that Firesheep exploits the fact that although login in encrypted the session after that is not.

Firesheep uses wincap to capture and display authentication information for accounts it comes across.

Anybody with your IP (using same wifi hotspot for instance) and your cookie can be effectively considered as you.

working

You can try activating Firesheep and observe after some time who have logged in using your PC and you can hijack their session.

Firesheep is extremely easy to use, and effective social engineering attack, in most cases victims will be unaware of this sniffing program running.

Demo

Download Firesheep

Open the file with firefox

To prevent Firesheep, you can try:

  • Avoid Public hotspots.
  • Use VPN for public wifi.

Final

//
//

Displaying 1 Comments
Have Your Say

  1. Hi there, I read your blogs on a regular basis. Your humoristic style is witty, keep it up!

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Email
WP Socializer Aakash Web