Firesheep!

Discussion in 'privacy problems' started by vasa1, Oct 25, 2010.

Thread Status:
Not open for further replies.
  1. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,644
    Location:
    USA
    I'm sure it can work on any network you are part of. And there is a reason I disable TKIP on every network I have control of. ;)
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  3. Jav

    Jav Guest

  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    Blacksheep

    Thanks to lotuseclat79 :thumb: I installed Blacksheep to try in FF v3.6.12 on a non-wireless comp, I think I did, partially anyway? I get these errors though, so I'm not sure what the problem is?

    bsp.gif

    js.gif

    I know it mentions detecting Wireless Networks ;) but as Firesheep is "supposed" to also work on non-WNs, I thought it might work, in some ways?

    Any help would be appreciated :)
     
  5. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,905
    Location:
    U.S.A.
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    Duh :( missed that, Thanks :)

    Installed WinPcap and ran it & enabled BlackSheep in FF. Still no entry in that box?

    Anyway had a quick play & saw a bunch of IPs that I did NOT initiate

    tcp.gif

    I know it's meant to call out to various places, but some of them, if not more, look very odd contacts :eek: Mixture of HTTP & HTTPS? And those are just a small selection, as every time I visited any other www's, off it went to numerous other www's as well and/or instead :eek:

    Don't like the idea of ALL those non-stop contacts, so I think it's not for me :p
     
  7. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,905
    Location:
    U.S.A.
    CR, no problem. You're welcome! Take care.
     
  8. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    According to the author/developer of BlackSheep via email from my report, he anticipates that he will have a release for Linux on Wednesday - so, check his website tomorrow for it.

    BlackSheep – Firefox Add-on (for Windows and Mac OS X).
    Note:
    BlackSheep for Linux.

    Note:
    -- Tom
     
    Last edited: Nov 10, 2010
  9. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
  10. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    Password Doesn't Shear Firesheep.

    -- Tom
     
  11. CLCDAN

    CLCDAN Registered Member

    Joined:
    Mar 29, 2011
    Posts:
    4
    Location:
    Earth
    No, Firesheep - as written - only works on a NON-Encrypted, Open Wifi Network.
     
  12. CLCDAN

    CLCDAN Registered Member

    Joined:
    Mar 29, 2011
    Posts:
    4
    Location:
    Earth
    That and all Open Wifi Networks need to turn on WPA2. Doing so will prevent newer, non-SSL sites from being abused by Firesheep.
     
  13. CLCDAN

    CLCDAN Registered Member

    Joined:
    Mar 29, 2011
    Posts:
    4
    Location:
    Earth
    Blacksheep for Linux? That's nice, before Firesheep is even out for Linux. However, just so everyone knows, Blacksheep does NOT stop Firesheep at all. Never did. Blacksheep's only purpose and design is to alert you, and only when using Firefox, btw, IF Firesheep is being used. You will not be able to identify the user, and Blacksheep does nothing else.

    Interestingly, Blacksheep will tell YOU if you are running Firesheep. Firesheep on your own machine will show you which sites YOU have not logged out of.

    Use of Firesheep to VIEW ONLY others' accounts is NOT illegal. Changing anyone's information or data on their computer without the owners' permission is a Felony.

    Know before ye speak.
     
  14. CLCDAN

    CLCDAN Registered Member

    Joined:
    Mar 29, 2011
    Posts:
    4
    Location:
    Earth
    For Firesheep and Blacksheep:

    Windows use requires Winpcap.

    Mac use requires nothing extra.

    Linux use should require nothing extra, it will just be more fun if you do.

    Android use will require nothing extra. The app may require install on rooted phone or other device (Galaxy Tab) only, but most likely not. Android will not require Blacksheep to detect wifi presence of Firesheep use if Android Firesheep is installed. Android Blacksheep app? I don't know if the Blacksheep guy is going to build one or not.

    iPad use should be same as Mac.
     
  15. x942

    x942 Guest

    As a pentester (Penetration Tester/Ethical Hacker) I just thought I would clear some of this up:

    1) Firesheep is nothing new. It only simplifies what could already be done with tools such as Cain and Abel and Ettercap (not to mention other tools included on the BackTrack 4 Live Disk).

    2) Firesheep works on any LAN/WLAN the attacker has access to: WPA/WEP/Open/etc. Open networks are the most concerned as there is no protection. WEP is the next easiest target (cracking WEP takes ~30 seconds) and lastly WPA/WPA2. Wired would be more difficult only in the way physical access is needed.

    3) Several tools exist that can prevent these attacks: ARPFreeze, which sets static ARP entries to prevent ARP poisoning; DecaffeinatID, a simple IDS that detects MITM attacks. And of course SSL.

    How to protect yourself completely?
    1) SSL everywhere/NoScript
    2) Use a VPN on open networks
    3) Don't access personal sites on public networks

    Also another note: unless the site sends cookies over SSL (which most don't) they can still be intercepted by Firesheep. Which is where HSTS and Whole-Site-SSL come into play.

    And remember open wifi is like sending your information out to the world. Use a VPN or other means to protect yourself. I can't count how many times I have sniffed passwords at Starbucks because people don't use a vpn or sites don't use SSL.
    On a side note SSL can also be broken with SSLStrip ;)
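
Added example (not part of x942's post or of any tool named in the thread): a defender-side check of the point above about cookies sent outside SSL and about HSTS. It audits an HTTPS response's headers for session cookies that lack the `Secure` attribute and for a usable `Strict-Transport-Security` header; the sample headers and the session cookie name `sid` are constructed assumptions.

```python
def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def hsts_max_age(headers):
    """Return the Strict-Transport-Security max-age in seconds, or None."""
    for key, value in headers:
        if key.lower() != "strict-transport-security":
            continue
        for directive in value.split(";"):
            k, _, v = directive.strip().partition("=")
            v = v.strip().strip('"')
            if k.strip().lower() == "max-age" and v.isdigit():
                return int(v)
    return None

def audit(headers, session_names):
    """Audit an HTTPS response's headers (list of (name, value) pairs).

    session_names: cookie names treated as session identifiers (assumption).
    Returns (session cookies the browser would also send over plain HTTP,
             whether HSTS is enforced with a non-zero max-age).
    """
    exposed = []
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if name in session_names and "secure" not in attrs:
            exposed.append(name)
    age = hsts_max_age(headers)
    return exposed, (age is not None and age > 0)

# Constructed sample headers, not captured from any real site.
WEAK = [
    ("Set-Cookie", "sid=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "theme=dark; Path=/"),
]
HARDENED = [
    ("Set-Cookie", "sid=abc123; Path=/; Secure; HttpOnly"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
]

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(hdrs, {"sid"}))
```

A session cookie reported as exposed travels in cleartext on any plain-HTTP request to the site, which is the traffic a passive sniffer on a shared network can read; a missing or zero `max-age` means the browser is not pinned to HTTPS for later visits.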
     