Alert icon
We're changing our privacy policy. This stuff matters.  Learn more  Dismiss

FireSheep and HTTP Session Hijacking Explained

Sign in or sign up now!
Alert icon
Upgrade to the latest Flash Player for improved playback performance. Upgrade now or more info.
9,327
Loading...
Alert icon
Sign in or sign up now!
Alert icon

Uploaded by on Oct 26, 2010

This demo shows the powerful new security (hacking) tool called FireSheep and explains how it can be used to perform http session hijacking (sidejacking) attacks against you and steal your logged in sessions on popular websites. Please note this is not a security risk caused by FireSheep, the tool is just pointing out a flaw we have all been needing to deal with for some time, and also note that we don't think this can be fixed except by the web application developers and admins, and we do believe that this app and its author, Mr Eric Butler, may have changed the face of web application security forever. Note that we don't claim to be the world's foremost experts on the topic, but hopefully this video is helpful in understanding the threat. Also note that although the video was made on a mac, all client operating systems and all client browsers are affected.

  • likes, 1 dislikes

Link to this comment:

Share to:

Uploader Comments (gveloper)

  • Thanks, we will check it out. And if anyone has any more ideas to mitigate this threat, please comment here or in our forums! Lets get the community talking.

    gveloper 1 year ago

Top Comments

  • SPEAK UP, BITCH!!

    Hurvduperv 10 months ago 8

  • Does this work on bank sites?

    PremiumZero 1 year ago 6

see all

All Comments (12)

Sign In or Sign Up now to post a comment!

  • Speak a bit louder U..!

    Khanacademyr0cks 2 months ago

  • @PremiumZero No because they are always SSL-encrypted

    kaltoftmorten 8 months ago

  • @davidkris Sadly all you need is a tool called sslstrip and boom... no more ssl

    pspheaven 8 months ago

  • @DTbox Your'e an idiot, firesheep works great, its legal, and the download is easy to get...

    pspheaven 8 months ago

  • @DTbox your an idiot. or not.

    masiewpao 1 year ago

  • @DTbox your an idiot.

    masiewpao 1 year ago

  • Ladies and gentlemen, I believe that you've been set up. Think about it, I.T. media outlets provided the download link and now suddenly Firesheep can't be found anywhere on the Internet for download or the download won't work. I know that successful downloads are being tracked, THERE IS NO SOFTWARE TO HACK SOCIAL NETWORKING SITES!!!!

    DTbox 1 year ago

Loading...

Alert icon
0 / 00Unsaved Playlist Return to active list
    1. Your queue is empty. Add videos to your queue using this button:
      or sign in to load a different list.
    Loading...Loading...Saving...
    • Clear all videos from this list
    • Learn more