Firesheep Add-on: Exploiting Security Vulnerabilities of Websites over Insecure WiFi Networks

Written by

 Firesheep is a recently released Firefox add-on/extension, developed by software freelancer Eric Butler. The intention behind the add-on was to expose the gravity of commonly found security vulnerability in many websites, particularly popular social networking sites, such as Facebook, Amazon, Yahoo, Twitter etc.

The security vulnerability referred to is the use of unencrypted http session by most websites after the initial encrypted (https) login session. This use of unencrypted http session risks the session ‘cookie’ to hijacking, for control of ongoing user’s session to execute malicious intents. The risk maximizes if http session is going over a completely insecure communication link thereby making the vulnerability easier to exploit.
Open and WEP encrypted WiFi networks are the most common examples of insecure communication links which are being used frequently by people at hotspots, such as, coffee shops, hotels, airports, etc. An open WiFi network does not add any encryption whereas a WEP WiFi network adds easily breakable encryption to the data in transit. Anyone who is in the range of an open/WEP WiFi network can safely and easily sniff the data from the air, communicated over the network.   
Thus, any user visiting a website (which uses unencrypted after-login session), such as Twitter over an open/poorly secured WiFi network, is vulnerable to session hijacking by a neighbor/outsider/hacker in the range of WiFi network. The hijacking can give hijacker, the complete control of the user account on the website. However, to do so, the hijacker needs to sniff the air with a WiFi sniffing software and then search the sniffed data for any unencrypted http session cookie for the website of his/her interest. Although, this task does not required specialized skills but the same is certainly complicated for a layman.
However, with the new add-on, Firesheep, the task is almost automated and has subsequently turned the layman into a hacker. One just needs to install Firesheep add-on to a compatible version of Firefox and requires a compatible wireless card. Satisfying these needs, if someone now connects to an Open WiFi network and clicks on the ‘Start Capturing’ button on the newly installed sidebar in the Firefox window, Firesheep will start listening over the WiFi network. As soon as someone visits an insecure website (configured in the Firesheep) using the Open WiFi, his/her details will be displayed in the sidebar. Further, clicking on one of such user details will make Firesheep user logged in to the insecure website as former.
Looking over the hacking simplicity introduced by Firesheep, it has got tremendous attention and interests from the people and security experts around the world. After the Google’s WiFi snooping controversy in recent times, Firesheep has once again reminded the dangers of eavesdropping over insecure WiFi networks by making the http session hijacking a layman’s work, for most popular but insecure websites, accessed over an insecure WiFi network.
Sensing the security threat, caused by Firesheep, remedy solutions, such as BlackSheep (another Firefox add-on) have started coming up which claims of detecting an active Firesheep user in the vicinity. However, one needs to understand that such remedy solutions are limited in capabilities and temporary in nature as the techniques used in these can easily be deceived in the next version of Firesheep.
The best and permanent way of protection from Firesheep like tools lies in practicing proper precautions while enjoying the convenience of open public WiFi networks. Also, popular websites are required to take some immediate steps for providing default end-to-end encryption support for user’s sessions, such as being provided by gmail. This will eventually help in ceasing the development of Firesheep like tools in future.


What’s hot on Infosecurity Magazine?