Scribd
Upload
6K views11 pages

Firesheep!

A lightning talk about Firesheep, a Firefox plugin for doing "sidejacking" (a.k.a. breaking into other people's accounts).

Uploaded by

Aidan Feldman
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
6K views11 pages

Firesheep!

A lightning talk about Firesheep, a Firefox plugin for doing "sidejacking" (a.k.a. breaking into other people's accounts).

Uploaded by

Aidan Feldman
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 11

Aidan Feldman

Firesheep

 Plugin for Firefox


 One-click access to insecure sites
 HTTP session hijacking
Authentication

1. Request/response
2. Send username/pass once
3. Receive cookie
4. Use cookie for all future requests
Who needs passwords?

SESSION HIJACKING
“Sidejacking”

 Passwords time-consuming to crack


 Login pages often protected
 Just steal the cookie!
Save Yourself!

 Avoid insecure sites?


 Yeah, right
 SSLStrip
 Log out?
 EVERY TIME
 Session is not guaranteed invalidated

 Use only secure WiFi?


 No coffee shops
 VPN?
 Pushes problem to other side
codebutler.github.com/firesheep

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy