Skip to main content

Firesheep & unencrypted cookies

  • Firesheep is a tool that highlights the weakness of unencrypted cookies. The use of unencrypted cookies is such a serious security vulnerability that they have led some security activists to exploit them on purpose, merely to demonstrate how insecure they really are. 
  • Firesheep is a browser extension for the Firefox browser, which literally makes it point-and-click easy for someone to steal session IDs from certain popular social networking web sites and impersonate other users.
  • Firesheep works by packet sniffing. It watches for the unencrypted session ID values stored in cookies to pass by on whatever section of Internet traffic it can see,captures those values, and presents them to the attacker within the attacker's web browser along with the victim's name. When the attacker double-clicks on a victim's name, Firesheep substitutes the stolen session ID value in place of its own,which allow the attacker to impersonate the victim.
  • There is no way of knowing how many victims have had their social networking identities hijacked in this manner. What is known is that Firesheep was so effective in demonstrating the egregious insecurity in the designs of several social networking sites that it was a major force in causing those sites to make the switch to using HTTPS encryption for traffic -- as they should have been doing all along.
Labels:

Comments

Post a Comment

Popular posts from this blog

The Difference between DB and DB_EXTENDED

When doing Audit on any table on the the database , the default auditing is DB. SQL > show parameters audit_trail NAME                                 TYPE        VALUE ------------------------------------ ----------- ------------------------------ audit_trail                          string      DB in this case , when you do audit on some table. SQL> audit all on scott.emp by access; Audit succeeded SQL> update emp set sal=sal*0.95 where job='MANAGER'; 3 rows updated. if you want to know the statement made these changes, you will receive nothing on the sql_text field while you are selecting the audit_trial table.
Post a Comment
Read more

Web Application Security Scanner : Sandcat

Sandcat is multi-process remote web application security scanner. It maps the entire web site structure ( all links , forms , XHR requests and other entry points) and tries to find custom,unique vulnerabilities by simulating a wide range of attacks/sending thousands of requests (mostly GET and POST).  It also tests for SQL Inection, XSS, File inclusion and many other web application vulnerability classes.  Sandcat's code scanning functionality automates the process of reviewing the web application's code .  Source : CEH Lectures ...
Post a Comment
Read more

Do you think , Google makes a mistake ?

It seems Google makes a new mistake by launching its new security key (2-step verification)  one of the steps is USB device .  The question  :how come can i plug USB into my mobile (I-Phone , I-Pad , Samsung Galaxy , ....) !  Do Google know the difficulties while you are holding a USB on your hand all the time .  so You can't access  your  account if it's not in your hands. or it's damaged ?  This solution is hopeless , I think it's designed for small audience. As someone says : Can you convince the Bank Manager while you are putting the USB Device into the bank PC, that you are securing your PC , not stealing the bank data, or not transferring amounts of money to other account . or what else .  You know , This way is not quietly good , If I have many accounts on Google and other websites ,I need many  USB devices to verify myself.  That's of course , not good at all.
Post a Comment
Read more