1

I have tested programs like SSLStrip or dSploit that hijack a Facebook session. That is: if the user logs in and the computer running the interceptor program (i.e. dSploit) is on the same network (LAN), it is possible to hijack that Facebook session and act like the owner of the remote computer.

Is this actually possible to be done when having physical access to the computer?

Example: I establish a connection to my Facebook account, but sometimes I must leave the computer for a while. If I forget to close my Facebook session, could someone sit at my desktop and grab any file that contains my Facebook session so that he keeps browsing my chats comfortably on another computer, without fearing that I will come back? Or even enter the office during the night with a pendrive, power on my computer and exit the office carrying all the data that allows him to identify as me on Facebook using another computer?

Of course, I think I could test all this by starting locally the same programs I tested for remote hijacking, but isn't there some simpler way, like grabbing any file from inside Mozilla Firefox?

Maybe this attack depends on the internet browser to be hijacked?

Arjan
  • 31,511

2 Answers

1

You don't need a keylogger or anything fancy when using Firefox or Google Chrome.

Go to the following menu in Firefox: Preferences -> Preferences -> Security -> Stored passwords

There you see all stored passwords, including the Facebook account you saved. When you select "Show passwords" you will see all the stored passwords on the account.

A similar option exists in Chrome. Not sure about IE, but you can install Firefox or Chrome on the computer, import the passwords and show them through the above way.

If you want to prevent anyone from doing something like that, just take some basic security into account:

  • Restrict physical access to your PC: lock your office!
  • Protect your computer with a strong password
  • Lock your PC or logout
Tim
  • 1,343
0

Well, I have finally done it! It was easier than I could have imagined: just a matter of grabbing this folder (in Windows):

%APPDATA%\Mozilla\Firefox\Profiles\xxxxxxxx.default\

and restoring it to another computer, following official instructions.
I have tested it between Windows computers, but I think this should work for Mozilla Firefox on any platform.
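
A defender-side check for the profile folder discussed in the answer above, added here as an example and not part of the original posts: it lists which login-state files a Firefox profile holds and whether other local accounts can read them. It assumes POSIX permission bits (Windows ACLs need a different check); `audit_profile` and `build_sample_profile` are hypothetical helper names, and the sample profile is constructed, empty stand-in data.

```python
import os
import stat
import tempfile
from pathlib import Path

# Well-known Firefox profile files that carry login state.
SENSITIVE = {
    "cookies.sqlite": "session and persistent cookies",
    "logins.json": "saved logins (encrypted with key4.db)",
    "key4.db": "key material for saved logins",
    "sessionstore.jsonlz4": "tabs and session restore data",
}

def audit_profile(profile_dir):
    """Return (name, purpose, mode, exposed) for the profile and its sensitive files."""
    profile = Path(profile_dir)
    dir_mode = stat.S_IMODE(profile.stat().st_mode)
    # Any group/other bit on the directory lets another account list or traverse it.
    findings = [(".", "profile directory", oct(dir_mode), bool(dir_mode & 0o077))]
    for name, purpose in SENSITIVE.items():
        path = profile / name
        if path.is_file():
            mode = stat.S_IMODE(path.stat().st_mode)
            # Group-read or other-read on a credential file counts as exposed.
            findings.append((name, purpose, oct(mode), bool(mode & 0o044)))
    return findings

def build_sample_profile(root):
    """Constructed sample: empty stand-in files, not real browser data."""
    profile = Path(root) / "xxxxxxxx.default"
    profile.mkdir()
    os.chmod(profile, 0o700)
    for name, mode in (("cookies.sqlite", 0o644),
                       ("logins.json", 0o600),
                       ("key4.db", 0o600)):
        f = profile / name
        f.write_bytes(b"")
        os.chmod(f, mode)
    return profile

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, purpose, mode, exposed in audit_profile(build_sample_profile(tmp)):
            flag = "EXPOSED" if exposed else "ok"
            print(f"{flag:8} {mode:>6} {name:22} {purpose}")
```

File modes only address other local accounts; for the powered-off-machine case in the question they do not help, and that needs full-disk encryption.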