Cookies are used in your web browser to store information, but have you ever thought about how easy it would be for a hacker to quickly gain access to them? It is actually frighteningly easy as Robert Graham, the CEO of errata security, demonstrated at the Black Hat security convention. All it really takes is a point-and-click of the mouse:
First Graham needs to be able to sniff data packets and in our case the open Wi-Fi network at the convention fulfilled that requirement. He then ran Ferret to copy all the cookies flying through the air. Finally, Graham cloned those cookies into his browser – in easy point-and-click fashion – with a home-grown tool called Hamster.
In front of everyone at the convention Graham demonstrated how he could intercept the cookies from a person sending an email. He had someone creat a Gmail account, and in no time at all Graham had intercepted the cookies therefore enabling him to send an email disguised as the victim. As mentioned in the above quote, there were no usernames or passwords needed.
One of the easiest things that you can do to secure yourself from such an easy attack is to use https:// instead of http:// whenever it is available. Some services like Gmail offer this alternative, and using it encrypts your session using SSL so that these types of attacks don’t happen.
Firefox users (with Greasemonkey), Internet Explorer users (with IE7 Pro or Turnabout), and Opera users can use a script such as this one that is setup to automatically replace the http:// with https:// anytime that you visit Gmail. That way you never have to think about doing it yourself.
You should also try not to visit sites that use sensitive information while connected to a public hotspot, but I think we all know that by now.