Sidejacking' Tool Unleashed
AUGUST 07, 2007
LAS VEGAS -- Black Hat USA -- Here's another reason not to use WiFi unprotected: Hackers can "sidejack" your machine and access your Web accounts, researchers demonstrated here last week as part of the "Simple Solutions to Complex Problems from the Lazy Hacker's Handbook." (See Black Hat: How to Hack IPS Signatures.)
Robert Graham, CEO of Errata Security, showed -- and released -- his new Hamster tool, a more powerful version of his Ferret WiFi sniffer that can grab users' Gmail, Yahoo, and other online accounts. Hamster basically clones the victim's cookies by sniffing their session IDs and controlling their Website accounts. (See Joke's on Me and Tool Uncovers Inadvertent 'Chatter'.)
"You can be in a café and see a list of people browsing
. And you can highjack and clone their Gmail system, for example, Graham says. "We know it's theoretically possible, so we wanted to prove it... This is very powerful because it's so easy to do."
<snip>
Besides the obvious "don't use open WiFi recommendation," Graham says users should routinely log out of their Web sessions, which wipes out their cookie trail and thus dead-ends the Hamster attacker.
More:
http://www.unstrung.com/document.asp?doc_id=131095