Following the success of the Firesheep application, a new Android application called DroidSheep allows users to hijack Web sessions of popular online services over insecure Wifi connections.
DroidSheep enables Android-based man in the middle attacks against a wide range of Web sites, including Facebook.com, Flickr.com, Twitter.com, Linkedin.com, and non-encrypted services like “maps” on Google. DroidSheep’s official website claims that the app will work on almost any website that uses cookies.
It’s a pretty simple process once downloaded, a user only has to start running DroidSheep, click start, and wait for someone to connect to a given service on the same wifi network, at which point the user will be prompted on whether or not they want to jump in on that session.
All a user needs is a device that runs Android version 2.1 or higher, whether that device is a smartphone or some sort of tablet, with root access (and the app itself, obviously).
DroidSheep supports OPEN, WEP, WPA, and WPA2 secured networks, using a DNS-Spoofing attack on the last two.
As with the original FireSheep application, the developers of DroidSheep note that their application is “NOT INTENDED TO STEAL IDENTITIES,” but to show the weak security properties of big websites.
The release of a Firefox extension called “FireSheep” at the 2010 ToorCon conference caused an uproar, and prompted popular services like Facebook and Twitter among others to implement secure browsing features. It also helped fuel a larger discussion about the necessity of utilizing HTTPS encryption across the Web.