'Firesheep' all set to graze on Facebook
Exposing further insecurities of Facebook, here is a freeware tool which allows virtually anyone to hack Facebook accounts. Even if you were drunk and surfing at a Wi-Fi hotspot, you probably wouldn't stand up and shout your username and password for anyone who might want it. But the Firesheep add-on for Firefox allows even kiddies to get into your account without a password!
If you were at a Wi-Fi hotspot, you probably would have no options and no encryption at all. Although many websites boast about how important their users' privacy and security are to them, very few have their entire site encrypted with HTTPS. Most sites encrypt the username and password during the login process, but most of those sites stop encrypting and protecting the user right there. As soon as a user moves on to a regular HTTP page on the site, an attacker can sniff and capture the user's cookie information.
Many of us are busy multitasking, so we log into Twitter or Facebook, or even Flickr, and then move on to surf other sites without first logging out of those accounts. If any of those later sites has a Twitter or Facebook widget, or even an embedded Flickr image, and you didn't log out before continuing to surf, then HTTP session hijacking, also called "sidejacking," can happen and leak the user's cookie. Security researchers explained that if a person can steal the cookie, then they can steal your session and do anything the user could do on the site. So if you 'borrow' your neighbors' wifi or access insecure wifi in public, man, you could lose your Facebook and many more important logins!
The same applies to any website whose login page does not use end-to-end encryption. For example, if you log into Gmail, you'll see "https://" at the front of the URL. This means that Gmail is safe, and your login information cannot be stolen by Firesheep. But for sites like Facebook, Twitter, Flickr, etc. (sites that use only "http", without the "s" at the end, when logging in), your login information can easily be compromised by someone using Firesheep. Other websites that use the secure https protocol include banking sites, credit card companies, the most popular email hosts and government websites.
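An added example (not part of the original post) showing how a site owner can check response headers for the weakness described above: a session cookie set without the Secure attribute is sent over plain HTTP pages, where it can be sniffed. The sample response, the cookie names and the `session_names` parameter are constructed assumptions.

```python
# Added example: audit Set-Cookie headers for the attribute that stops sidejacking.
SAMPLE_RESPONSE = (  # constructed sample, not captured from any real site
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: session_id=3f9a1c; Path=/; HttpOnly\r\n"
    "Set-Cookie: csrf=77ab; Path=/; Secure; HttpOnly\r\n"
    "Set-Cookie: lang=en; Path=/\r\n"
    "\r\n"
)


def parse_headers(raw):
    """Return (lowercased name, value) pairs from a raw HTTP response head."""
    head = raw.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def audit_cookies(raw, session_names=("session_id",)):
    """List every cookie with its flags and mark session cookies lacking Secure.

    session_names is an assumption: the cookies that carry the login session.
    """
    headers = parse_headers(raw)
    # HSTS tells the browser to use HTTPS for every later request to the site.
    hsts = any(name == "strict-transport-security" for name, _ in headers)
    findings = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:] if p}
        findings.append({
            "cookie": cookie_name,
            "secure": "secure" in attrs,
            "httponly": "httponly" in attrs,
            # Without Secure, the browser also sends the cookie over http://
            "sidejack_risk": cookie_name in session_names and "secure" not in attrs,
        })
    return {"hsts": hsts, "cookies": findings}


if __name__ == "__main__":
    for item in audit_cookies(SAMPLE_RESPONSE)["cookies"]:
        print(item)
```

Note that HttpOnly alone does not help here: it hides the cookie from page scripts, not from someone listening on the network.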
How to Install Firesheep.
Requirements:
1. Public Wi-Fi access
2. WinPcap
3. Firesheep
Steps:
1. Download "Firesheep" from the above link and open it in Firefox.
2. Now restart the browser and select the 'Firesheep' option under 'Sidebar' in the View menu.
3. Now you can see that Firesheep has opened up in the sidebar. Check for the correct Wi-Fi interface on your computer.
4. Now click on the "Start capturing" button at the top. Before this, make sure that you are connected to a Wi-Fi network.
5. After doing this, wait a few seconds and you will see something cool in the sidebar as shown below. Click on any user and you will be logged in as him.