setahu saya session hijacking ni boleh dilakukan bila pengguna login.
On Wed, Oct 27, 2010 at 3:12 PM, Raja Iskandar Shah <[email protected] > wrote: > isnt firesheep a mitm in itself ? meaning if you had it installed, you can > 'spy' on others and others can 'spy' on you via firesheep as a form of > spyware ? > > let's try this. mr a install firesheep and mr b also install firesheep. > then both connect to an unsecure open network. then let's see what mr b can > get from mr a, and what mr a can get from my b. > > > > > > On Wed, Oct 27, 2010 at 12:38 PM, CL Chow <[email protected]> wrote: > >> noscript can actually stop it too >> am trying to build it for linux too, still not working yet >> >> Regards, >> CL Chow >> "Please do not send me Microsoft Office/Apple iWork documents. Send >> OpenDocument instead! http://fsf.org/campaigns/opendocument/"; >> >> >> >> >> >> On Wed, Oct 27, 2010 at 11:58 AM, Harisfazillah Jamel < >> [email protected]> wrote: >> >>> Thanks Fazli, >>> >>> I write a express writeup how to protect yourself using wireless. Its in >>> Malay >>> >>> http://bit.ly/hackwirelessmy >>> >>> http://goo.gl/C64B >>> >>> Thanks. >>> >>> On Wed, Oct 27, 2010 at 11:54 AM, Mohd Fazli Azran >>> <[email protected]> wrote: >>> > Dear all members, >>> > >>> > I think you all already know the hottest add on Firefox call >>> "firesheep" >>> > spreading to the world now. This kind of attack related to MITM Attack. >>> To >>> > know about this tool more Please go to Codebutler site. It explain to >>> you >>> > how firesheep work on open wireless network. It capture the cookies on >>> your >>> > web browser. To download please click Firesheep (Please use for >>> > educational purpose!!! :) I beg you all) >>> > This Tool already presented at Toorcon 12 they announce of release the >>> > "Firesheep". Not bad and it good for sniffing now your become >>> > amateur hacker. >>> > The tip avoid MITM attack >>> > 1) Use only secure wifi >>> > 2) VPN (If you want use open wireless) >>> > 3) Use end-to-end encryption >>> > 4) Use https login >>> > They already web add on by default at Firesheep. You can add others >>> website >>> > to see it can capture all the username or password or content. What we >>> > should worry if we open any online banking at open wireless. >>> Be careful on >>> > that. >>> > >>> > Mohd Fazli Azran >>> _______________________________________________ >>> Owasp-Malaysia mailing list >>> [email protected] >>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia >>> >>> OWASP Malaysia Wiki >>> http://www.owasp.org/index.php/Malaysia >>> >>> OWASP Malaysia Wiki Facebook >>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >>> >> >> >> _______________________________________________ >> Owasp-Malaysia mailing list >> [email protected] >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia >> >> OWASP Malaysia Wiki >> http://www.owasp.org/index.php/Malaysia >> >> OWASP Malaysia Wiki Facebook >> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >> > > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > -- 73 de 9W2PJU http://9w2pju.hamradio.my
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
