It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Firesheep captures unsecured cookies, abuses login rights Firesheep captures unsecured cookies, abuses login rights
FAQ Members List Calendar Search Today's Posts Mark Forums Read


Firesheep captures unsecured cookies, abuses login rights
Reply
 
Thread Tools
Old 25th October 2010, 19:36   #1
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 79,001
jmke has disabled reputation
Default Firesheep captures unsecured cookies, abuses login rights

It's extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.

http://codebutler.com/firesheep
__________________
jmke is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Spyware heats up the debate over cookies Sidney WebNews 0 15th August 2005 23:36

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 10:07.


Powered by vBulletin® - Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO