How to access Facebook, Gmail and other sites without Login Password

Security, today is a major concern while surfing on Internet. Many websites we use including Social networking sites, you require username and password to login and access content inside. Also, some have implemented tough system to protect privacy but here is a trick which lets you access websites without requiring Login Credentials.

When you login to any website using Username and password, system checks the information and authenticates your login and stores a cookie on your system which is then used for further requests. This is stored until you log-out or clear cookies from browser.

Obviously it is very common for websites to protect your username and password by encrypting the initial login. In fact, after browsing, where the authentication is done through cookies, it is not encrypted, and when a malicious user takes possession of your cookie, they can have full access to the “website” provided they are on the same IP address. This is called HTTP session hijacking (sometimes called “sidejacking”) when an attacker gets a hold of a user’s cookie, allowing them to do anything the user can do on a particular website.

When you login via Open Wi Fi network, many others are connected to same and they have same IP Address. Firesheep is a Firefox extension designed to demonstrate how can one take possession of some other person’s cookies and login as himself on any site namely, Facebook, Gmail, etc.

After installing this Firefox addon, you will see it in a sidebar. When you are on any Open / Busy WiFi, just press “Start Capturing” this starts searching for a user browsing some insecure site known to Firesheep and displays their name.

Login Facebook without Password

When you double click on that link, you are logged in as themselves instantly.

Login Facebook without Password

This is compatible with Mac OS X, Linux and Windows. Windows users need WinCap installed to use this.

Download Firesheep

Click Here to Leave a Comment Below 6 comments
emily - October 30, 2010

when i start capturing, im having this kind of message “Couldnt open device \Device\NPF_{2FFA8412-363D-44F9-A071-FCD5B4A1F426}: failed to set hardware filter to promiscuous mode”

pls help..

Reply
Amit Sharma - October 31, 2010

Very useful trick . Gonna try sometime.

Reply
ducks - December 4, 2010

plese tell me how to run autogen in cygwin command prompt, what kind command must be type, please send me detail tutorial for use firesheep, thx before

Reply
ducks - December 4, 2010

i had extract ( codebutler-firesheep-3967eca ), content autogen.sh in c:/program files/mozila firefox/codebutler-firesheep-3967eca

instalasi cygwin in c:/cygwin

how to run autogen in cygwin command prompt ?? please send me detil tutorial, thanks

Reply
Koustav - February 1, 2011

Nice trick man………..I like it…….:)

Reply
Ajitem Sahasrabuddhe - December 13, 2012

I just remembered something that I and Chetan did during WordCamp 2011, Jabalpur 😀 😀

Reply

Leave a Reply: