How To Hack Into Facebook (using session hijacking)
Back in October, a little innocent Firefox plugin was released called Firesheep. This plugin was released to make it public that stealing your account on Facebook can be as easy as stealing candy from a baby.
Websites like Facebook, Twitter and many others send user information, usernames and even passwords over an insecure HTTP connection utilizing cookies on users’ computers. If anyone was able to get their hands on that cookie, they would be able to “impersonate” you on that website. That is exactly what Firesheep allows you to do.