


Firesheep

(see also: session hijacking, sidejacking)

Firesheep definition

Firesheep was a Mozilla Firefox extension, released by Eric Butler in October 2010, that turned session hijacking on open Wi-Fi into a point-and-click operation. Running on a laptop connected to the same network as its victims, it captured their unencrypted HTTP traffic, matched each request against a set of per-site handlers that knew which cookies identified a logged-in session on sites such as Facebook and Twitter, and listed every captured session in a sidebar; double-clicking an entry logged the attacker into the victim's account with the stolen cookies, no password required. Butler built it to show how exposed the users of popular websites were: those sites encrypted the login page but then sent the session cookie over plain HTTP on every later request, so anyone on the same network could read and replay it. Firesheep is no longer maintained and does not run on current Firefox, which dropped the legacy extension framework it was built on, and the sites it targeted now use HTTPS for the whole session.

Firesheep examples

  • It could hijack Facebook sessions and, logged in as the victim, read private messages, post status updates and do anything else the site allowed on the strength of the session cookie alone. Operations that asked for the current password again were not covered by a stolen cookie.
  • It could take over Twitter sessions and post tweets or send direct messages in the victim's name. Attackers could use this access to spread spam, phishing messages or other malicious content.
  • It shipped a handler for Google cookies as well, so a captured session could expose email, contacts and other data tied to the account. Gmail itself had defaulted to HTTPS since January 2010, so the practical exposure was mainly users who had turned that off or who used other Google services over plain HTTP.

Preventing Firesheep

While Firesheep is no longer maintained, unencrypted connections and session hijacking remain live risks. The following still apply:

  • Use HTTPS for the whole session, not just the login page. Site operators should also mark session cookies Secure, so the browser never sends them over plain HTTP, and send a Strict-Transport-Security header so the browser stops making plain HTTP requests to the site at all.
  • Avoid public Wi-Fi networks for sensitive online activity, or treat them as hostile: every plaintext byte is readable by anyone within radio range.
  • Use strong, unique passwords on your accounts.
  • Enable two-factor authentication wherever possible. Note that neither a strong password nor 2FA stops a replayed session cookie, which is issued after authentication has already succeeded; they limit the damage only where the site demands re-authentication for sensitive actions.
  • Use a VPN (virtual private network) on untrusted networks, so that traffic a site leaves unencrypted is at least encrypted between your device and the VPN exit.
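As an added example (not Firesheep's own code), the Python below reduces the definition above to its two halves and ties it to the prevention list: a Firesheep-style harvest loop that scans constructed plaintext requests for handler-matched session cookies, and a server-side audit of login responses showing why the Secure flag and Strict-Transport-Security close that path. The hostnames, cookie names, captured requests and responses are assumed placeholders, not Firesheep's real handler definitions.

```python
"""Firesheep-style sidejacking reduced to its core, plus the server-side
check that closes it. Added example, not Firesheep's own code; the hosts,
cookie names and captured messages below are constructed placeholders."""
from dataclasses import dataclass
from http.cookies import SimpleCookie

# Assumed handler table: site -> cookie names that together carry a login
# session. Firesheep shipped one handler per site; these names are
# illustrative, not its real definitions.
HANDLERS = {
    "www.social.example": ("c_user", "xs"),
    "www.microblog.example": ("auth_token",),
}

# Constructed capture of what a sniffer on open Wi-Fi sees: two complete
# plaintext sessions, one request carrying only part of a session, and one
# TLS record, which exposes no readable headers at all.
CAPTURE = [
    b"GET /home HTTP/1.1\r\nHost: www.social.example\r\n"
    b"Cookie: datr=x1; c_user=12345; xs=deadbeef\r\n\r\n",
    b"GET /timeline HTTP/1.1\r\nHost: www.microblog.example\r\n"
    b"Cookie: auth_token=0badf00d; lang=en\r\n\r\n",
    b"GET /logo.png HTTP/1.1\r\nHost: www.social.example\r\n"
    b"Cookie: datr=x2; c_user=67890\r\n\r\n",
    b"\x16\x03\x03\x00\x45\x01\x00\x00\x41\x03\x03" + b"\x00" * 32,
]

@dataclass(frozen=True)
class HijackedSession:
    host: str
    cookie_header: str  # the exact Cookie header an attacker replays

def _headers(raw: bytes):
    """Yield (lower-cased name, value) for each header of one HTTP message.
    Non-HTTP bytes such as a TLS record simply yield nothing."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    for line in head.decode("latin-1").split("\r\n")[1:]:
        name, sep, value = line.partition(":")
        if sep:
            yield name.strip().lower(), value.strip()

def parse_request(raw: bytes):
    """Return (host, {cookie name: value}) for one plaintext request."""
    host, cookies = None, {}
    for name, value in _headers(raw):
        if name == "host":
            host = value.lower()
        elif name == "cookie":
            for part in value.split(";"):
                key, _, val = part.strip().partition("=")
                if key:
                    cookies[key] = val
    return host, cookies

def harvest(capture):
    """Firesheep's loop: match each request against a handler and keep the
    session only when every cookie the handler needs was sent in the clear."""
    found = []
    for raw in capture:
        host, cookies = parse_request(raw)
        needed = HANDLERS.get(host)
        if needed and all(name in cookies for name in needed):
            header = "; ".join(f"{n}={cookies[n]}" for n in needed)
            found.append(HijackedSession(host, header))
    return found

def audit_response(raw: bytes):
    """Server-side view: list the reasons this response would let a session
    cookie reach a sniffer. An empty list means the Firesheep path is closed."""
    findings, hsts = [], False
    for name, value in _headers(raw):
        if name == "strict-transport-security":
            hsts = True
        elif name == "set-cookie":
            jar = SimpleCookie()
            jar.load(value)
            for key, morsel in jar.items():
                if not morsel["secure"]:
                    findings.append(f"{key}: no Secure flag, browser will send it over plain HTTP")
                if not morsel["httponly"]:
                    findings.append(f"{key}: no HttpOnly flag, readable by injected script")
    if not hsts:
        findings.append("no Strict-Transport-Security, the next plain-HTTP visit is still in the clear")
    return findings

# Constructed responses: the 2010-style login reply versus the hardened one.
WEAK_RESPONSE = (b"HTTP/1.1 200 OK\r\nSet-Cookie: c_user=12345; Path=/\r\n"
                 b"Content-Type: text/html\r\n\r\n<html>...")
HARDENED_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                     b"Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
                     b"Set-Cookie: c_user=12345; Secure; HttpOnly; Path=/\r\n"
                     b"Content-Type: text/html\r\n\r\n<html>...")

if __name__ == "__main__":
    for s in harvest(CAPTURE):
        print(f"hijackable: {s.host}  Cookie: {s.cookie_header}")
    print("weak response:", audit_response(WEAK_RESPONSE))
    print("hardened response:", audit_response(HARDENED_RESPONSE))
```

The harvest loop finds the two complete sessions and ignores both the partial one and the TLS record, which is the whole point of the prevention list: a cookie that only ever travels inside TLS never reaches the sniffer. The audit shows the other side of that: the weak response leaks c_user on the next plain HTTP request, while the hardened response with Secure and HSTS gives the harvest loop nothing to work with.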