How to access Facebook, Gmail and other sites without Login Password

Security, today is a major concern while surfing on Internet. Many websites we use including Social networking sites, you require username and password to login and access content inside. Also, some have implemented tough system to protect privacy but here is a trick which lets you access websites without requiring Login Credentials.

When you login to any website using Username and password, system checks the information and authenticates your login and stores a cookie on your system which is then used for further requests. This is stored until you log-out or clear cookies from browser.

Obviously it is very common for websites to protect your username and password by encrypting the initial login. In fact, after browsing, where the authentication is done through cookies, it is not encrypted, and when a malicious user takes possession of your cookie, they can have full access to the “website” provided they are on the same IP address. This is called HTTP session hijacking (sometimes called “sidejacking”) when an attacker gets a hold of a user’s cookie, allowing them to do anything the user can do on a particular website.

When you login via Open Wi Fi network, many others are connected to same and they have same IP Address. Firesheep is a Firefox extension designed to demonstrate how can one take possession of some other person’s cookies and login as himself on any site namely, Facebook, Gmail, etc.

After installing this Firefox addon, you will see it in a sidebar. When you are on any Open / Busy WiFi, just press “Start Capturing” this starts searching for a user browsing some insecure site known to Firesheep and displays their name.

Login Facebook without Password

When you double click on that link, you are logged in as themselves instantly.

Login Facebook without Password

This is compatible with Mac OS X, Linux and Windows. Windows users need WinCap installed to use this.

Download Firesheep

email

Google+

YouTube

About the Author

Rohit Langde is Founder and Editor-in-chief of Blogsolute. Tech Blogger by Passion & Profession | Mechanical Engineer by Qualification | Introverted Geek by Choice

6 Enlightened Replies

Trackback  •  Comments RSS

  1. emily says:

    when i start capturing, im having this kind of message “Couldnt open device \Device\NPF_{2FFA8412-363D-44F9-A071-FCD5B4A1F426}: failed to set hardware filter to promiscuous mode”

    pls help..

  2. Very useful trick . Gonna try sometime.

  3. ducks says:

    plese tell me how to run autogen in cygwin command prompt, what kind command must be type, please send me detail tutorial for use firesheep, thx before

  4. ducks says:

    i had extract ( codebutler-firesheep-3967eca ), content autogen.sh in c:/program files/mozila firefox/codebutler-firesheep-3967eca

    instalasi cygwin in c:/cygwin

    how to run autogen in cygwin command prompt ?? please send me detil tutorial, thanks

  5. Koustav says:

    Nice trick man………..I like it…….:)

  6. I just remembered something that I and Chetan did during WordCamp 2011, Jabalpur :D :D

Post a Reply

Your email address will not be published. Required fields are marked *

Top