The release of Firesheep firefox addon really showed how most of the popular
websites today are vulnerable to hacking. Eric Butler introduced his Firefox
addon Firesheep which is really a masterpiece hacking tool used to hack
wireless network users using HTTP session hijacking. I was asked by
many visitors to post on how to wireless network. So, in the article below, I
have illustrated the method to hack wireless network users using Firesheep
firefox addon. I have provided link for software download... just check out.
What is HTTP Session Hijacking???
As all Gurus should know, whenever we login
to any website, the webserver of the website replies back with a "cookie" which
is used by client browser for further requests. Thus, cookie is used by
webserver to identify the logged user and thus, maintain session of this user.
Now, if we get this cookie of the victim, we can do all things same as the
logged user (victim) himself. Since, we are now having the cookie of victim,
webserver grants all session rights of victim to us. This way of hijacking
cookies is called session hijacking. We can easily hack wireless network users
by this Session Hijacking.
In wireless networks, exchange of cookies
takes place through air, due to which one can easily intercept them and this
session hijacking can be implemented easily.
2. Install this addon in your Firefox (working
pefect on Windows XP and Windows Vista). Restart Firefox. Connect to any public
3. Now, in the sidebar, hit on "Start Capturing" and
Firesheep searches for and captures cookies in wireless network.
As soon as anyone on the wireless network visits any insecure website known to
Firesheep, their name and photo will be displayed in the sidebar. Now, simply
double click on someone and you're into his/her account. Thus, you are able to
hack wireless network user.
interesting right??? Yeah, this one's definitely a revolution in hacking
technology. It has become so simple to hack any wireless network.
Websites that are vulnerable to Firesheep:
As is reported, the two
social network giants Facebook and Twitter are vulnerable and hence attacked
largely by Firesheep. Also, other websites vulnerable are: Foursquare, Gowalla,
Amazon.com, Basecamp, bit.ly, Cisco, CNET, Dropbox, Enom, Evernote, Flickr,
Github, Google, HackerNews, Harvest, Windows Live, NY Times, Pivotal Tracker,
Slicehost, tumblr, WordPress, Yahoo and Yelp.
Solution to Firesheep attack:
Firesheep hack can be implemented only if the
website does not use secure HTTPS connections. So, we can lay down Firesheep
hack, if we inform Firefox to always use secure connections. This can be
implemented by using Firefox addon Force-TLS.
Securing whole Wireless network:
Also, it is necessary to secure
other users of wireless network. So, FireShephard - the anti-Firesheep tool
has been released which shuts down Firesheep running on any computer in the
wireless network. FireShephard basically floods the nearby wireless network with
packets which are designed to turn off Firesheep. This surely secures all users
of the wireless network.
So friends, this was all about how to
hack a wireless network using HTTP Session hijacking. Remember to
install Force-TLS addon, if you're logging to your insecure web account in a
wireless network. If you have any problem in this tutorial on how to hack
wireless network using Firesheep, please mention it in