Wednesday, February 19, 2020

Firesheep HTTP Session Hijacking Tools

Nowadays a lot of people probably know about cracking (network cracking): modifying or disabling features that the person cracking the network considers undesirable. To some people, cracking a network sounds very hard to do because it involves a high level of programming skill or an understanding of networking.



What is Session Hijacking

Every time you connect to a web application (usually a dynamic web application), you get a unique ID called a "session". This session identifies you as a valid user and stays valid until you kill it (by logging out) or it expires. Some bad people try to identify or guess the session ID value to gain the privileges of a valid user in the web application.

Firesheep HTTP Session Hijacking

Firesheep is a Firefox extension for session hijacking. I was very surprised that this tool can hijack Facebook, Twitter, WordPress, Amazon, etc. sessions from valid users. Most importantly, this tool is very easy to configure and to launch an attack with. Just a few steps:
1. Download Firesheep
2. Sit on an unencrypted wireless network
3. Turn on your wireless card (one that supports promiscuous mode, such as Atheros, Orinoco, etc.) and join the network
4. Start capturing with Firesheep
5. Just wait until some user authenticates to Facebook, Twitter, etc.

Step by Step Firesheep Configuration

1. The picture below is the Firesheep interface (click View –> Sidebar –> Firesheep); you can click the red circle for preferences.


2. In this picture, choose the interface on which you want to capture data. For example, when you're on a wireless network, you should activate the wireless adapter.


3. The picture below shows which websites' sessions this add-on can hijack.


4. Capturing usually uses TCP port 80, because on 443 I think the traffic will be encrypted, but I still haven't tried another port :-).




5. When you finish, click "Start Capturing" and wait until someone authenticates to a website on the website list.

Prevention:

1. You can use Blacksheep.
2. You can tunnel your internet connection.
3. Don't use the "Remember Me" feature in public internet areas (hotspots), and log out after you finish using the internet.


4. Some people say that clearing the browser cache and history may be another way, but you can read my other posts on why it's not a really good way.
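
The port 80 versus 443 note and the "Remember Me" advice above, seen from the site operator's side, as an added example that is not part of the original post: it audits `Set-Cookie` headers for session cookies that would travel unencrypted or stay valid long after the visit. The `Secure` and `Max-Age`/`Expires` cookie attributes are standard; the cookie names, the name heuristic and the sample headers are constructed assumptions.

```python
"""Added example: flag session cookies exposed to sniffing on plain HTTP."""
from http.cookies import SimpleCookie

# Assumption: name fragments that suggest a cookie carries a session ID.
SESSION_HINTS = ("sess", "sid", "auth", "token")

# Constructed sample response headers (not captured traffic).
SAMPLE_HEADERS = [
    ("Set-Cookie", "sessionid=3f9a1c; Path=/; HttpOnly"),
    ("Set-Cookie", "auth_token=77be02; Path=/; Secure; Max-Age=2592000"),
    ("Set-Cookie", "sid=a81d4e; Path=/; Secure; HttpOnly"),
    ("Set-Cookie", "theme=dark; Path=/"),
]


def audit_set_cookie(value):
    """Return (cookie_name, problem) pairs for one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(value)
    findings = []
    for name, morsel in jar.items():
        if not any(hint in name.lower() for hint in SESSION_HINTS):
            continue  # not a session cookie by the heuristic above
        if not morsel["secure"]:
            # Without Secure the browser also sends it over port 80 in clear.
            findings.append((name, "no Secure flag: sent over plain HTTP"))
        if morsel["max-age"] or morsel["expires"]:
            # "Remember Me" style cookie: a copied ID stays usable for longer.
            findings.append((name, "persistent: outlives the browser session"))
    return findings


def audit_response(headers):
    """Audit every Set-Cookie header in a list of (name, value) pairs."""
    findings = []
    for name, value in headers:
        if name.lower() == "set-cookie":
            findings.extend(audit_set_cookie(value))
    return findings


if __name__ == "__main__":
    for cookie, problem in audit_response(SAMPLE_HEADERS):
        print(f"{cookie}: {problem}")
```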
About Adam stiffman