session-hijacking-practicals

session-hijacking-practicals Sess...

Facebook Session Sidejacking

Recently, there was a vulnerability discovered in LinkedIn, which is described here http://www.wtfuzz.com/blogs/linkedin-ssl-cookie-vulnerability/ Basically, this allows someone in network to sniff a cookie value and apply it in his browses session to hijack the target's user session. This simple...

Vulnerability in Google ClientLogin Protocol !

Vulnerability in Google ClientLogin Protocol ! A group of security and privacy researchers from the Institute of Media Informatics at Ulm University in Germany, is claiming to have discovered a serious security vulnerability in Google's ClientLogin protocol. In a recent analysis of the Android...

Squid-Imposter: A Squid Based Sidejacking Proxy !

That tool was meant specifically for Windows operating systems and also contains a module that uses HTML5 offline cache to store the payload permanently in all supporting browsers. Squid-Imposter just add the HTML5 offline cache storage functionality to the application and has been ported to Linu...

FireSheep Fallout: Microsoft Adds HTTPS Option for Hotmail

Three weeks after researchers unveiled a plugin that allows Firefox Web browser users to snoop on the Webmail and social networking sessions of those around them, Microsoft has announced an option that will allow users of its Hotmail Web e-mail program to browse securely. The company said on...

The use of the hamster hijacking Gmail(sidejacking)-vulnerability warning-the black bar safety net

4 month released, the software DESCRIPTION is tempting: "The black hat of the General Assembly after the outgoing of a tool to Ferret it. The author claims that you can use him to intercept mail login process the cookie information. Then you can feel free to invade the others mailbox. Worked at t...