Firesheep

**7alewi** · 03-21-2011

Firesheep is a firefox add-on.

It uses a packet sniffer to intercept unencrypted cookies from websites. It allows the user to instantly take on the log-in credentials of the user by double-clicking on the victim's name.

Mozilla Add-ons have stated that it would not use the browser's internal add-on and therefore they did not blacklist it.

Read more here.

This could affect Facebook and Twitter. In January 2011, facebook added more security to sessions and cookies to avoid this. (You can view it on facebook by clicking My account > account settings > account secuirty.

Although it is illegal in some countries but I think this is a real threat !

**Google** · 03-22-2011

On Linux,
tcpdump -A -i wlan0 tcp port 80 | grep Cookie

03-21-2011	#1
7alewi Vcoderz Team Last Online: 09-03-2014 Join Date: Jan 2009 Posts: 1,438 Thanks: 776 Thanked 1,299 Times in 786 Posts Groans: 1 Groaned at 1 Time in 1 Post	Firesheep Firesheep is a firefox add-on. It uses a packet sniffer to intercept unencrypted cookies from websites. It allows the user to instantly take on the log-in credentials of the user by double-clicking on the victim's name. Mozilla Add-ons have stated that it would not use the browser's internal add-on and therefore they did not blacklist it. Read more here. This could affect Facebook and Twitter. In January 2011, facebook added more security to sessions and cookies to avoid this. (You can view it on facebook by clicking My account > account settings > account secuirty. Although it is illegal in some countries but I think this is a real threat !

03-22-2011	#2
Google Last Online: 05-30-2013 Join Date: Jan 2008 Posts: 1,788 Thanks: 10,018 Thanked 1,100 Times in 651 Posts Groans: 1 Groaned at 6 Times in 6 Posts	On Linux, tcpdump -A -i wlan0 tcp port 80 \| grep Cookie __________________

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)