
WLAN Book

How to Steal Passwords Using FireSheep (Kind of)

FireSheep is a Firefox plugin that can be used to hijack web sessions on an open Wi-Fi network.

It’s extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called “sidejacking”) is when an attacker gets a hold of a user’s cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.

You can test it on your own open or encrypted Wi-Fi network by running FireSheep in Firefox (duh), then opening IE or Safari and logging into Facebook, Gmail, or any of the many other popular websites shown in the screenshot below. Because FireSheep scripts the downloading of avatars from these websites, you will have to manually add any website that is not listed in the plug-in preferences.

FireSheep will hijack the IE/Safari browser sessions and present them in Firefox with the websites' avatars. You simply click on an avatar on the left-hand side and you're now logged into the account as the user!

FireSheep is free, open source, and is available now for Mac OS X and Windows.

How To Prevent Firesheep – Firesheep Addon Explained

When HTTPS / SSL Is Not Available, Use FireShepherd to Stop FireSheep

Soon after FireSheep was released, a Windows program to stop it, called FireShepherd, was released.

FireShepherd is a small console program that floods the nearby wireless network with packets designed to turn off FireSheep, effectively shutting down nearby FireSheep programs every 0.5 sec or so and making you and the people around you secure from most people using FireSheep.

The program kills the current version of FireSheep running nearby, but the user is still in danger from all other session hijacking mechanisms. Do not do anything over an untrusted network that you cannot share with everyone.
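Whether a site's users are exposed to sidejacking comes down to whether the session cookie is ever allowed to travel over plain HTTP. The following Python script is an added example, not part of the original post: it audits a response's headers for cookies that lack the `Secure` attribute and for a missing HSTS header. The sample headers and the cookie-name heuristic are constructed assumptions.

```python
# Added example: flag cookies that a passive listener on open Wi-Fi could capture.
# The response headers below are constructed sample data, not captured traffic.

SAMPLE_LOGIN_RESPONSE = [  # constructed: an HTTPS login response setting three cookies
    ("Set-Cookie", "session_id=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "auth_token=def456; Path=/; Secure; HttpOnly"),
    ("Set-Cookie", "lang=en; Path=/"),
    ("Content-Type", "text/html"),
]

# Assumed heuristic: substrings that suggest a cookie carries session state.
SESSION_HINTS = ("sess", "auth", "token", "sid", "login")


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_headers(headers):
    """Return (severity, cookie, reason) findings for one response's headers."""
    findings = []
    hsts = any(k.lower() == "strict-transport-security" for k, _ in headers)
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if "secure" in attrs:
            continue  # browser only sends this cookie over HTTPS
        is_session = any(h in name.lower() for h in SESSION_HINTS)
        severity = "HIGH" if is_session else "INFO"
        findings.append((severity, name, "no Secure attribute: sent over plain HTTP"))
    if not hsts:
        findings.append(("WARN", "-", "no Strict-Transport-Security header"))
    return findings


if __name__ == "__main__":
    for severity, cookie, reason in audit_headers(SAMPLE_LOGIN_RESPONSE):
        print(f"[{severity}] {cookie}: {reason}")
```

A site that encrypts only the login page typically produces the `HIGH` finding here: the session cookie is issued over HTTPS but is then sent in the clear on every later HTTP request.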


Filed under: WLAN Security