Categories
Penetration Testing Privilege Escalation

Update FireSheep Extended – Now targets Google Search

You can find our previous post regarding HowTo use Firesheep on linux.

FireSheep is a small firefox extension that does big jobs for you 😀 e.g http sessions hijacking

What is FireSheep Extended?

This release is focused on Google search. If you are using Google Search services using a unsecured Wifi network, you searches are visible to MITM guys.

How it work?

When you are logged in on gmail.com and use google searches, Google’s sid cookie is easily captured through FireSheep. As soon you see sid cookie click on it and see visited links by victim.

How to be safe from FireSheep extended release?

Don’t use Google search while you are logged in on gmail.com on unsecured WiFi Networks.

What do you suggest for mitigation ? Share your thought in comments 🙂