Skip to main content

Firesheep Fail with Asus 1005ha

I recently wanted to install the Firefox Firesheep plug in to mess with on my ASUS 1005ha Netbook.   I didn't like that I had to install Firesheep in Windows, as my primary OS is Ubuntu, however, there is no Linux support for Firesheep, so I was stuck with Winblows.  

I downloaded the Firesheep plugin from http://codebutler.github.com/firesheep/  and tried to install it (by simply opening it up in Firefox).  It wouldn't install because it said my version of firefox wasn't up to date.  So, I updated my Firefox and tried again.  It then installed fine, but when I went to run it, Firesheep said that it couldn't put my NIC into promiscuous mode.  I already had WinPcap installed, but thought I might have to update it.  I updated my WinPcap, and that didn't help.  So, I thought that my Wireless driver (Atheros AR9285) may need to be updated.  I updated my driver, and still it wouldn't put my card in promiscuous mode.  On the side chance that it wasn't a Firesheep problem, I downloaded Wireshark to see if IT would be able to put my card in Promiscuous mode.  I got the same error with Wireshark.  

So my conclusion was that my card won't support promiscuous mode in Windows.   If only Firesheep would work with Ubuntu...  I also then wouldn't have to worry about the AntiVirus lighting up on Firesheep, like it does in Windows.  

I then moved on to my Dell 700m, to try with that IPW2200 card... same result... no joy
I then tried my Linksys WUSB600N USB wireless ... same result... no joy

Luckily, I had a Netgear WG111 Wireless Thumb Drive (B-only).  This worked with Firesheep, but is 802.11b only.  Still, I thought I'd try it out.  A buddy and I went to a Panera to try it out, and even though I had a laptop, he had a laptop, and there were several folks around on laptops, I got no traffic at all in Firesheep.  It seems that everyone is on G these days!  After about a half an hour, we called it quits.  I guess you just can't hack with B anymore. 

I tried Firesheep with a Linksys WUSB54GSC V 2.  G thumb drive.  This worked!  So I tried it out at Panera again.   This time, there was only me on the network, so I only captured my own traffic.  But Firesheep seemed to work very well (except it wouldn't capture any of my iPhone traffic). 

Below is a screenshot of Firesheep logging into several accounts it sniffed.  The strange thing was that with Twitter, Flickr, and Amazon, even after logging out both on the real browser, and the one running Firesheep, I was still able to just click the account and log right back in.  That is crazy.  Check out the below:



I've smugged the account names for security reasons, but the screenshot still gives a great feeling for how Firesheep works.  And to recap the scariness, not only would Firesheep capture cookies and log into my accounts as if it had properly authenticated, even after I logged out of Amazon, Flickr, and Twitter, both on the browser running Firesheep and the original browser, when I clicked on the account in the left pane of Firesheep, I could log right back in!  That means that those services don't kill your session cookie when you log out!  Crazy!

So I'm either going to not use any hotspots, or if I HAVE to, I'll use a VPN whenever I'm using any of my accounts.  Having an outsider being able to log into my accounts as me this easily is just ridiculous!

Comments

Post a Comment

Popular posts from this blog

HP c6180 Printer and Vista

Hp c6180 driver issues with Vista Home Premium My wife has a Vista Home Premium laptop, and the HP C6180 Photosmart printer keeps disappearing from her available printers.  The only way I've found to fix the problem is to reinstall all the HP software. When I do this, I have to download the (large..507M software from HP, or reinstall the printer (ONLY the printer, not the scanner) with the installation disk, as the drivers are not discovered with a "Windows Update" setting.  My guess is that is because HP doesn't like people to install only the printer driver, which would be easy, but they want folks to install all their crapware as well, so they are withholding the drivers from the on-line Microsoft printer database.  So keep your installation CD!  I've also found that unless I install everything on the CD or in the Full Version download (HP Customer Participation Program, HP Imaging Device functions, HP OCR SW, HP All-In-one SW, HP Photosmart Essential, HP
27 comments
Read more

atftpd vs tftpd-hpa

Recently I was trying to tftp files from a Windows computer to a Kali box.   One version of Windows worked, but another didn't.    After much troubleshooting, here were my symptoms: I could tftp a file from-to any Kali box from-to another Kali box I could NOT tftp files to a specific Windows 7 box from any Kali box I could NOT tftp files to a Chrooted-Ubuntu-Chromebook box from a Kali box After MUCH troubleshooting, going through every setting in atftpd, it seemed like it literally was a client OS problem.  Different clients simply would not download files---unacceptable. Thus, I switched to tftpd-hpa.   To install: apt-get install tftpd-hpa files go to/come from /srv/tftp, but it needs to be a tftp user. Thus, I needed to: chroot -R /srv/tftp Also, if you want to be able to put files ON the tftp server (from a client), you need to modify /etc/default/tftpd-hpa: change "TFTP_OPTIONS="--secure"  to "TFTP_OPTIONS="--secure --create" I al
Post a Comment
Read more

Security Onion on the Antsle

My Setup of Security Onion on the Antsle: Recently my IDS box, an Intel Atom D2500 Fanless Mini-ITX PC, D2500CCE, died.  Truth be told, I think it came from the factory in a bad state, as I originally thought I had a bad graphics driver, but I then noticed that, after much troubleshooting, it wasn't a driver issue at all.  The box just sometimes wouldn't boot up correctly with video.  It seems heat related, something like not enough thermal paste on the CPU, as after it is powered off for a while it is more likely to boot than when it is warm.  Along with that issue, this box maxed out at 4GB of RAM (only has 2 memory slots, each of which will only take a 2GB card max) and had a single processor, so it was under powered for Security Onion. So, I decided to quit limping along on P.O.S. boxes, and buy a little more heavyweight box for my networked IDS.   Security Onion requires a minimum of 8GB of RAM, and 4 cores per their specs page https://github.com/secur
Post a Comment
Read more