LAS VEGAS -- Computer users getting online at local cafes, airport terminals and conference venues will have to be more wary of the wireless network, according to a security researcher's presentation at the Black Hat Security Briefings on Thursday.

Robert Graham, CEO of consultancy Errata Security, showed off an early version of a program, named Hamster, which when paired with a wireless eavesdropping tool known as Ferret, allows a nearby attacker to steal the security keys used by online sites to identify users and to hold other information about the Web session. The keys, known more popularly as cookies, allow the attacker to then get access to the victim's online accounts.

Graham demonstrated the tool, sniffing the cookies sent over the wireless network at Black Hat, and gaining access to one user's GMail account. After showing the GMail screen, he quickly closed the browser.

"If I sniff your GMail session and use your cookies, then I've cloned your session," Graham said. "As far as the server is concerned, I am you."

While the attack is not new, the ease with which Hamster can clone people's access to their accounts is. Many wireless hijacking scenarios called for the attacker to set up a rogue access point that the victim uses, creating a man-in-the-middle attack. The attack using Hamster, which Graham referred to as "sidejacking," only requires only eavesdropping on the users connection -- a simple feat with most public wireless connections.

Graham showed off Ferret in March at the government-focused version of the Black Hat conference.