Point and click Gmail hacking at Black Hat
August 4th, 2007
This hack uses sniffing on a network:
The attack is actually quite simple. First Graham needs to be able to sniff data packets and in our case the open Wi-Fi network at the convention fulfilled that requirement. He then ran Ferret to copy all the cookies flying through the air. Finally, Graham cloned those cookies into his browser – in easy point-and-click fashion – with a home-grown tool called Hamster.
The counter to this is to NEVER login at open networks (particularly the blackhat and for the love of all things holy and good NEVER login without encryption at the defcon)