With Firesheep the Hacker can control any account without even knowing the Username and Password of the desired account. Facebook is world's most popular Social Networking website, therefore it has been the major victim of it. Firesheep uses Http Session hijacking attack to gain unauthorized access to a Facebook or any other account.

What is Session Hijacking?

In a Http session hijacking attack an attacker steals victims cookies. Cookies stores all the necessary Information about someone’s account, using this information you can hack anybody’s account and change his password. If you get the Cookies of the Victim you can Hack any account the Victim is Logged into i.e. you can hack Facebook, Google, Youtube, Yahoo, Orkut, Hotmail, etc or any other email account.

For this you will need the following things:

• Public wifi access 
• Installed WinCap
• Installed FireSheep Addon

1. When you have downloaded and Installed WinCap, download "FireSheep" from the above link and use the "openwith" option in your Firefox Browser.

2. Once you have installed FireSheep on your Firefox Browser, Click on View at the top, then go to Sidebar and click on FireSheep.

3. Now, click on the top left button "Start capturing" and it will start to capture the session cookies of people in your Wifi Network. This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep. Now, double click on the photo and you will be logged in instantly.