[Owasp-Malaysia] Firesheep: Very impressive and proven Tool

Faizul faizul at mysecurity.my
Wed Oct 27 04:10:25 EDT 2010


setahu saya session hijacking ni boleh dilakukan bila pengguna login.


On Wed, Oct 27, 2010 at 3:12 PM, Raja Iskandar Shah <rajaiskandars at gmail.com
> wrote:

> isnt firesheep a mitm in itself ? meaning if you had it installed, you can
> 'spy' on others and others can 'spy' on you via firesheep as a form of
> spyware ?
>
> let's try this. mr a install firesheep and mr b also install firesheep.
> then both connect to an unsecure open network. then let's see what mr b can
> get from mr a, and what mr a can get from my b.
>
>
>
>
>
> On Wed, Oct 27, 2010 at 12:38 PM, CL Chow <klrkdekira at gmail.com> wrote:
>
>> noscript can actually stop it too
>> am trying to build it for linux too, still not working yet
>>
>> Regards,
>> CL Chow
>> "Please do not send me Microsoft Office/Apple iWork documents. Send
>> OpenDocument instead! http://fsf.org/campaigns/opendocument/"
>>
>>
>>
>>
>>
>> On Wed, Oct 27, 2010 at 11:58 AM, Harisfazillah Jamel <
>> linuxmalaysia at gmail.com> wrote:
>>
>>> Thanks Fazli,
>>>
>>> I write a express writeup how to protect yourself using wireless. Its in
>>> Malay
>>>
>>> http://bit.ly/hackwirelessmy
>>>
>>> http://goo.gl/C64B
>>>
>>> Thanks.
>>>
>>> On Wed, Oct 27, 2010 at 11:54 AM, Mohd Fazli Azran
>>> <mfazliazran at gmail.com> wrote:
>>> > Dear all members,
>>> >
>>> > I think you all already know the hottest add on Firefox call
>>> "firesheep"
>>> > spreading to the world now. This kind of attack related to MITM Attack.
>>> To
>>> > know about this tool more Please go to Codebutler site. It explain to
>>> you
>>> > how firesheep work on open wireless network.  It capture the cookies on
>>> your
>>> > web browser. To download please click Firesheep (Please use for
>>> > educational purpose!!! :) I beg you all)
>>> > This Tool already presented at Toorcon 12  they announce of release the
>>> > "Firesheep". Not bad and it  good for sniffing now your become
>>> > amateur hacker.
>>> > The tip avoid MITM attack
>>> > 1) Use only secure wifi
>>> > 2) VPN (If you want use open wireless)
>>> > 3) Use end-to-end encryption
>>> > 4) Use https login
>>> > They already web add on by default at Firesheep. You can add others
>>> website
>>> > to see it can capture all the username or password or content. What we
>>> > should worry if we open any online banking at open wireless.
>>> Be careful on
>>> > that.
>>> >
>>> > Mohd Fazli Azran
>>> _______________________________________________
>>> Owasp-Malaysia mailing list
>>> Owasp-Malaysia at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>
>>> OWASP Malaysia Wiki
>>> http://www.owasp.org/index.php/Malaysia
>>>
>>> OWASP Malaysia Wiki Facebook
>>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>>
>>
>>
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.org/index.php/Malaysia
>>
>> OWASP Malaysia Wiki Facebook
>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>



-- 
73 de 9W2PJU

http://9w2pju.hamradio.my
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20101027/2dcab089/attachment.html 


More information about the Owasp-Malaysia mailing list