hasmeister.blogg.se

Older versions of firefox work for firesheep









Last week, you may have heard about Firesheep, a plug-in for the Firefox web browser that lets an eavesdropper take over another user's session, such as a login to Twitter or Facebook, by intercepting packets on a local network and copying the victim’s cookie. What Firesheep does is to take advantage of a known security flaw and make it easy to exploit, by carrying out sidejacking (or session hijacking). There are two main parts to this exploit:

The attacker needs to be able to “sniff” the network packets, in order to grab the cookie. Firesheep doesn’t do that by itself, but works with packet capture software that comes standard on many computers (or can be freely downloaded). The attacker places himself on the same network as the victim – such as a wireless hotspot in a coffee shop – and if the network is unencrypted, the attacker can eavesdrop on all traffic that flows over the wireless link.

Firesheep then monitors the network traffic, looking for a “cookie” to be sent. When you log in to certain websites, you first provide a username and password, which are often sent encrypted. (You’ll see “https:” in the URL of encrypted pages.) However, after you log in successfully, some sites use a session cookie that stays active during your login: anyone who captures and sends that cookie to the originating website can mimic you. If you log in to Twitter, for example, session cookies are then sent between your computer and Twitter, which the attacker can then exploit to send tweets under your name. The attacker doesn’t need to know your password: the website will simply believe the attacker is you, because they have your cookie.

Many websites only protect the login page (encrypting your username and password), but turn off the encryption on the rest of the website. Result? Cookies are sent in the clear (unencrypted), attackers can intercept them, then hijack your session and gain access to your account. There is no way to detect that someone else on your Wi-Fi connection is using Firesheep.

Although Firesheep garnered a lot of coverage, this is not a new problem. This vulnerability has been noted on a number of websites, including Flickr, Tumblr, and WordPress. Its author points out that sidejacking tools already existed, and that Firesheep is simply a more user-friendly tool. However, Firesheep’s ease of use and its subsequent publicity shone a spotlight on a persistent security problem, making more people aware of this vulnerability and highlighting the need to address it.
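A site owner can check for the condition described above (login encrypted, later pages not) by auditing which cookies a browser would attach to plain-HTTP requests. The following is an added example, not part of the original article; the cookie names, the host `site.example` and the page list are constructed, and the path-matching rule is a simplification of real browser behaviour.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Constructed sample: Set-Cookie values a site returns from its HTTPS login page.
LOGIN_SET_COOKIE = [
    "session_id=EXAMPLE123; Path=/; HttpOnly",
    "auth=EXAMPLE789; Path=/account; Secure; HttpOnly",
    "theme=dark; Path=/",
]

# Constructed sample: pages the browser loads after login (hypothetical host).
PAGE_LOADS = [
    "https://site.example/login",
    "http://site.example/home",
    "http://site.example/account/settings",
]

def parse_cookies(set_cookie_values):
    """Return {name: (path, secure_flag)} for each Set-Cookie value."""
    jar = {}
    for value in set_cookie_values:
        parsed = SimpleCookie()
        parsed.load(value)
        for name, morsel in parsed.items():
            jar[name] = (morsel["path"] or "/", bool(morsel["secure"]))
    return jar

def cleartext_exposure(set_cookie_values, urls):
    """Map each plain-HTTP URL to the cookie names sent unencrypted with it.

    Simplified browser rule: a cookie is attached when the request path
    starts with the cookie path, and Secure cookies are withheld from
    http:// requests. All URLs are assumed to be on the cookie's host.
    """
    jar = parse_cookies(set_cookie_values)
    exposed = {}
    for url in urls:
        parts = urlsplit(url)
        if parts.scheme != "http":
            continue  # encrypted request: nothing readable on the wire
        names = sorted(
            name for name, (path, secure) in jar.items()
            if not secure and (parts.path or "/").startswith(path)
        )
        if names:
            exposed[url] = names
    return exposed

if __name__ == "__main__":
    for url, names in cleartext_exposure(LOGIN_SET_COOKIE, PAGE_LOADS).items():
        print(f"{url}: sent in the clear -> {', '.join(names)}")
```

Any session cookie that appears in the output needs the `Secure` attribute, and the pages that carry it need to be served over HTTPS.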









