,
6 tweets,
2 min read
Read on Twitter
In 2007, I demoed "sidejacking" at BlackHat, where I sniffed the GMail session cookie from WiFi of an audience member and hijacked their session. Back then, the standard was SSL for login, but non-SSL for the rest of the connection. Sidejacking forced all SSL all the time.
There were good reasons why all SSL all the time wouldn't work. For example, satellite connections would often timeout. Twitter would've been unusable for many customers if SSL were forced upon them.
Sidejacking forced the issue, and forced those like Google, Facebook, and Twitter to first make SSL an option, then the default, then no longer not-an-option. It forced ISPs to fix the issues preventing SSL from working quite right.
It was interesting watching the transition. LOTS of things went wrong. For example, Google quickly add SSL as an option. But if SSL failed, it'd back off to non-SSL. So on WiFi, you simply TCP RST all SSL connections, then hijacked the session when it backed off to non-SSL.
I assume this Tweet is meant as humor, but I'm going to respond to it anyway: I'd been doing this for 10 years, publishing a tool was the only way to affect change.
In any case, I did this as a proxy server. Eric Butler made a much better implementation with a browser extension known as FireSheep, which REALLY forced the change. If I remember right, lots of celebrities got popped through FireSheep.
