Submission + - Point and click Gmail hacking at Black Hat (tgdaily.com)
Tech.Luver writes: "TGDaily reports,
" I've just received an email that says "I like
sheep", but it wasn't sent by my friend ? it was sent by a hacker
posing as my friend. At the Black Hat security convention, Robert
Graham, the CEO of errata security, surprised attendees by hijacking a Gmail session on camera and reading the victim's email.
The attack is actually quite simple. First Graham needs to be able to sniff data packets and in our case the open Wi-Fi network at the
convention fulfilled that requirement. He then ran Ferret to copy all the cookies flying through the air. Finally, Graham cloned those cookies into his browser ? in easy point-and-click fashion — with a home-grown tool called Hamster. ""