A huge wave has been made by this tool in the mainstream media this week as it makes session stealing/hijacking a click and go procedure. It was released at Toorcon 12 and is simply a Firefox Add-on.
Stealing sessions/passwords and so on is something we’ve been able to do for a LONG time using Wireshark or Ettercap on a hub based or WiFi network running without encryption. But now with Firesheep anyone can do it, and they can do it VERY easily, which is somewhat scary. Firesheep is incredibly easy to use, download the add-on, log in to a public WiFi spot and click a button…you’ll then be shown images and user names of various people using networks such as Facebook, Twitter, Flickr, bit.ly, Google and Amazon. With a double click on their image, you’ll be logged in as them immediately.
Firesheep is free and open source and works on Mac OS X and Windows with Linux support being promised soon. The download rate of this add-on is epic with over 320,000 downloads in 3 days.
Some news about the tool:
- Firesheep: Making the Complicated Trivial
- Firesheep hacks into Facebook, Twitter
- Firesheep sniff tool prompts Facebook warning
- ‘Firesheep’ on Firefox could be used for b-a-a-d
- Lazy Hackers Unite: Firesheep Boasts +104,000 Downloads In 24 Hours
I expect you already know how to protect yourself from this kind of attack, but if you don’t…use a VPN whenever you are on a public Wifi spot! If you don’t have VPN access or can’t be arsed to set one up just make sure you force SSL/TLS on every site you surf – but do note to protect against this attack, you have to encrypt the entire session and not just the initial authentication.
Google has a secure search option too here – https://encrypted.google.com/
You can find the slides from the Toorcon 12 presentation here:
Windows users are required to install WinPcap.
You can download Firesheep v0.1 here:
Or read more here.