Allegro.cc - Online Community

Allegro.cc Forums » Off-Topic Ordeals » Firesheep

This thread is locked; no one can reply to it. rss feed Print
 1   2   3 
Firesheep
gnolam
Member #2,030
March 2002
avatar

Quote:

It's extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.

Quote:

After installing the extension you'll see a new sidebar. Connect to any busy open wifi network and click the big "Start Capturing" button. Then wait.
As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed:
Double-click on someone, and you're instantly logged in as them.
That's it.
Firesheep is free, open source, and is available now for Mac OS X and Windows. Linux support is on the way.

http://codebutler.com/firesheep

Unfortunately, my laptop runs Linux, so I can't try it out for myself yet...

--
Move to the Democratic People's Republic of Vivendi Universal (formerly known as Sweden) - officially democracy- and privacy-free since 2008-06-18!

GullRaDriel
Member #3,861
September 2003
avatar

Interesting, indeed. I'll test it tonight ^^

"Code is like shit - it only smells if it is not yours"
Allegro Wiki, full of examples and articles !!

Matthew Leverton
Supreme Loser
January 1999
avatar

I would hope that this is common knowledge by now...

gnolam
Member #2,030
March 2002
avatar

It's not new, no, but it's never been this user friendly.

--
Move to the Democratic People's Republic of Vivendi Universal (formerly known as Sweden) - officially democracy- and privacy-free since 2008-06-18!

Crazy Photon
Member #2,588
July 2002
avatar

I've not used public WiFi for a while for this reason (not because of Firesheep but because of traffic sniffing), I use private 3G connections instead...

-----
Resistance is NEVER futile...

Matthew Leverton
Supreme Loser
January 1999
avatar

I only use public wifi if I can proxy via a SSH tunnel to my home network.

bamccaig
Member #7,536
July 2006
avatar

Nice. :) I'm willing to bet that a lot of Facebook and Twitter users will be coming out of the closet in the near future... :-X

That said, I'd want to carefully glance over the code before running it. :P

Neil Black
Member #7,867
October 2006
avatar

I'd try it, but I don't think WKU would like it if I sniffed around on their network.

Arthur Kalliokoski
Second in Command
February 2005
avatar

bamccaig said:

I'm willing to bet that a lot of Facebook and Twitter users will be coming out of the closet in the near future...

What? You mean we'll see a lot more of:

<real owner posts something debatable here>

<haxx0r posts this>
"HAHAHA! Disregard that, I sxxk cxxxs!"?

“Throughout history, poverty is the normal condition of man. Advances which permit this norm to be exceeded — here and there, now and then — are the work of an extremely small minority, frequently despised, often condemned, and almost always opposed by all right-thinking people. Whenever this tiny minority is kept from creating, or (as sometimes happens) is driven out of a society, the people then slip back into abject poverty. This is known as "bad luck.”

― Robert A. Heinlein

bamccaig
Member #7,536
July 2006
avatar

What? You mean we'll see a lot more of...

That, but also a more blunt approach... I know that when in college there was at least one instance where a student had forgotten to log off before leaving a computer lab and another user sent the entire school (students, faculty, etc.) an E-mail from his account confessing to being homosexual (using mailing lists). It looked sincere until it was recanted a few hours later from the same account. :P It was pretty hilarious for everyone (except for maybe the victim). ;D It was also a lesson to the entire school to not leave your computer logged in and unattended; and to remember to log out before leaving. ;D

I have a colleague that always does that (actually, most probably do, but I notice because her screen faces the door :P) regularly at j0rb and I always have to fight the urge to change her home page to www.companynamesucks.com[1]. ;D

** APPEND **

Take a look at their list of affected sites:

http://github.com/codebutler/firesheep/wiki/Handlers

:o

Jeff Bernard
Member #6,698
December 2005
avatar

Wha..? Where's A.cc on that list?

--
I thought I was wrong once, but I was mistaken.

Billybob
Member #3,136
January 2003

bamccaig said:

Take a look at their list of affected sites:

Every site that uses cookies without HTTPS will be affected, so the length of their list is only surprising in its sparseness.

Tobias Dammers
Member #2,604
August 2002
avatar

Not if you tie the session cookie to other information, such as the client's IP address. Unless both the attacker and the legit user are behind the same router, this should be pretty hard to spoof - but then the downside is that you will be logged out as soon as you're on a different network or your DHCP resets.

---
Me make music: Triofobie
---
"We need Tobias and his awesome trombone, too." - Johan Halmén

Jonatan Hedborg
Member #4,886
July 2004
avatar

Unless both the attacker and the legit user are behind the same router, this should be pretty hard to spoof

If you both are connected to the same unsecured WLAN (which is required for this exploit), you will very likely have the same external IP as well.

-------
Sweden: Free from the shackles of Democracy since 2008-06-18!

Tobias Dammers
Member #2,604
August 2002
avatar

If you both are connected to the same unsecured WLAN (which is required for this exploit), you will very likely have the same external IP as well.

Uhm, but then what's the problem? Logging into anything unsecured on any public network is like asking for problems.

---
Me make music: Triofobie
---
"We need Tobias and his awesome trombone, too." - Johan Halmén

Jonatan Hedborg
Member #4,886
July 2004
avatar

Uhm, but then what's the problem? Logging into anything unsecured on any public network is like asking for problems.

Exactly. This isn't a new exploit. It's just been made a LOT easier for people to use it.

-------
Sweden: Free from the shackles of Democracy since 2008-06-18!

GullRaDriel
Member #3,861
September 2003
avatar

That's just what the OP said in his second post.

Brats.

"Code is like shit - it only smells if it is not yours"
Allegro Wiki, full of examples and articles !!

bamccaig
Member #7,536
July 2006
avatar

Billybob said:

Every site that uses cookies without HTTPS will be affected, so the length of their list is only surprising in its sparseness.

Well they're targeting the masses so they're specifically adding support for popular social networking sites and sales companies and financial companies and the like. Besides, it isn't really a big deal if somebody manages to hijack your Allegro.cc session. The amount of harm they can do is limited. They can post as you, edit your most recent posts, modify your profile or settings, but the worst that they can possibly do is get you banned by ML. :P Well, they could also learn your real name if you entered it in A.cc and have been keeping it a secret. :-X Most of the regulars have revealed their alleged names anyway.

It matters more on sites like Facebook and Twitter and PayPal where you have a lot of your information and a lot of your information is shared with others (some of which might even know you ::)), as well as their information being shared with you. Access to somebody's Facebook account could easily open the door for social mayhem or even social engineering. Not to mention all of the personal information that the idiots of the world share with Facebook. It's a pretty serious thing for it to get hijacked. Albeit, it doesn't really matter because those same idiots have already installed "applications" that steal all of their information and sell it...

In any case, many sites just don't need that level of security because there isn't much to benefit from hijacking somebody's account (though you could still get a laugh out of it).

jhuuskon
Member #302
April 2000
avatar

Jonatan Hedborg
Member #4,886
July 2004
avatar

Seriously, isn't this "exploit" like 10 years old? O.o

What is the big deal?

-------
Sweden: Free from the shackles of Democracy since 2008-06-18!

Crazy Photon
Member #2,588
July 2002
avatar

What is the big deal?

That the average Joe will be able to perform the attack.

-----
Resistance is NEVER futile...

Matthew Leverton
Supreme Loser
January 1999
avatar

That the average Joe will be able to perform the attack.

The "average Joe" has no reason to do the attack, except to a) see if it works or perhaps b) goof with his "friend's" Facebook status.

The person who would actually do something bad with such a tool already knew how to do this, and probably already had his own tools that do the same thing.

Jonatan Hedborg
Member #4,886
July 2004
avatar

^++

-------
Sweden: Free from the shackles of Democracy since 2008-06-18!

Crazy Photon
Member #2,588
July 2002
avatar

Hehe -> Idiocy tool.

-----
Resistance is NEVER futile...

bamccaig
Member #7,536
July 2006
avatar

The significance of Firesheep isn't the danger of attack (which has always been there), but the potential awareness that users (and victims) can gain from it. While Idiocy does have the potential to be a little bit more educational for victims, it will probably be used less often because there isn't much in it for the attacker. Besides, many users will probably just think "oh well, doesn't hurt me" and go on with their day. Firesheep can hurt them and the "attackers" will probably install it with intent to do "harm", even if it's childish harm. :P

 1   2   3 


Go to: