This is the second post of a two-part feature on how to obtain information on a WEP-enabled wireless network. We’ve already discussed how to crack a WEP key. Now this post will show how to gather information using a Firefox add-on called Firesheep.
Disclaimer: I do not care what you do with this information. Who am I to tell you what to do with something you’ve learned? It is your decision to use this information ethically or unethically. Just know that stealing private information is illegal.
It’s likely you’ve heard of Firesheep by now. It’s been written about in Forbes, PCWorld, and ZDNet just to name a few. There have been 746,845 Firesheep downloads as of this writing. But I’m sure there are still a few of you who only use the Internet for Facebook and Gmail and haven’t heard of it. That’s alright, but there are some things you should know especially if you’re using either of those two aforementioned sites.
Firesheep is a Firefox add-on that listens to traffic over a wireless network. Specifically Firesheep looks for cookies on a network. It does not show passwords. Websites like Facebook and Twitter encrypt passwords. Firesheep just allows you to do everything as if you have the password. It works on open wireless networks and WEP-enabled wireless networks. Check out my How To on cracking WEP keys here.
So let’s say you go to Facebook.com. You enter in your email address and password and click Login. Facebook then stores an identifier (a cookie) on your computer and uses it throughout your session so it knows that you are – well, you. This is where Firesheep comes into play. Firesheep copies that cookie and uses it to log on to your Facebook (or whichever service) account.
Here’s a good analogy: Let’s say you’re trying to get into a club (WiFi network). The big bouncer (Facebook, Twitter, etc.) has a list of VIPs that are only allowed in. The only way for the bouncer to allow you in is if you show a valid ID (cookie). You show your ID (username and password) and are allowed in because your ID matches a name on the list. Once you’re in the club you grab yourself a drink and socialize. What you don’t notice is some creepy, weird looking guy with a trench coat and sunglasses (who wears sunglasses in a night club? This guy does).
This guy is Firesheep. He’s been stalking you for a while and somehow got into this club. Who knows how he got in. All that matters is that he wants to copy your ID so he can go to other clubs and pretend to be you. So you go to the bar to start a tab and leave your ID and credit card with the bartender. After you get your drink and head back to the dance floor, Firesheep creeps over to the bar and swipes your ID, takes pictures of it, and heads out the door. He uses these photos to duplicate your ID and get into other clubs.
How to Install Firesheep
Firesheep is very easy to install and use. That was Eric Butler’s intent. Eric developed Firesheep to point out how easy it is for someone to hack into user accounts using cookies. “Hopefully sites like Facebook and Twitter will see this and decide that protecting user privacy is a priority for them”, Butler said. Let’s start with installing Firesheep.
Head over to Butler’s Github page and download Firesheep for your OS. Be sure to also install WinPcap if you’re using a Windows machine. WinPcap captures the network traffic that Firesheep is looking for.
Locate the .xpi file you downloaded and right click (OS X users: Ctrl+click) on it. Open the file with Firefox. Firefox will warn you to trust the author of the add-on. Just click Install Now. Once it’s installed restart Firefox.
Now that we’ve installed Firesheep, go to View on Firefox’s menu bar. Click Sidebar and then click Firesheep. Firesheep will now load in Firefox on the left side. Just click the Start Capturing button and wait. Depending on whether anyone is using any of the sites supported by Firesheep, user information may appear in the sidebar (as seen to the right).
And that’s it. Pretty easy, eh?
Firesheep is a little terrifying and really intriguing at the same time. There are tools to counteract Firesheep such as BlackSheep, HTTPS Everywhere, and Force-TLS. So if you’re paranoid about someone using Firesheep on your network, you can use those tools to help thwart any potential thieves. Even if you do decide to use those tools, you should always know who is on your network. And if you don’t know who is on your wireless network, it’s likely due to little or no encryption. I highly suggest using WPA or WPA2 encryption instead of WEP encryption or especially (cringes) leaving it open. Find out why you shouldn’t use WEP encryption (and how easily you can crack it) in my previous post.
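For site owners, the underlying fix is to keep the session cookie off unencrypted connections. The following is an added example (not part of the original post and not Firesheep code) that replays a browsing flow and reports which cookies would cross the network in cleartext. The host `social.example`, the cookie names and the flows are constructed, and the model assumes a single host.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit


def exposed_cookies(flow):
    """Names of cookies readable by a passive listener on the same network.

    flow: list of (url, response_headers) in the order the browser requested
    them, all for one host. response_headers is a list of (name, value).
    """
    jar = {}        # cookie name -> True if it carries the Secure attribute
    hsts = False    # has the host sent Strict-Transport-Security over HTTPS?
    exposed = set()
    for url, headers in flow:
        # A browser that has seen HSTS upgrades http:// to https:// by itself.
        encrypted = urlsplit(url).scheme == "https" or hsts
        if not encrypted:
            # Request side: every non-Secure cookie in the jar is sent in clear.
            exposed.update(name for name, secure in jar.items() if not secure)
        for name, value in headers:
            key = name.lower()
            if key == "strict-transport-security" and encrypted:
                hsts = True  # only honoured over HTTPS; max-age=0 not modelled
            elif key == "set-cookie":
                parsed = SimpleCookie()
                parsed.load(value)
                for cookie_name, morsel in parsed.items():
                    jar[cookie_name] = bool(morsel["secure"])
                    if not encrypted:
                        exposed.add(cookie_name)  # the cookie was set in clear
    return exposed


# Constructed flow: login over HTTPS, then the rest of the site over HTTP.
WEAK_FLOW = [
    ("https://social.example/login",
     [("Set-Cookie", "session=abc123; Path=/; HttpOnly")]),
    ("http://social.example/home", []),
]

# Constructed flow: same site with a Secure cookie and an HSTS policy.
HARDENED_FLOW = [
    ("https://social.example/login",
     [("Strict-Transport-Security", "max-age=31536000"),
      ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly")]),
    ("http://social.example/home", []),
]
```

The weak flow leaks `session` even though the password itself was submitted over HTTPS; the hardened flow leaks nothing.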
I’m trying to pull together a list of websites that Firesheep works with. Here’s what I have so far:
- New York Times
If you know of any more sites, post them in the comments. Did your Firesheep install go well? Are you frustrated beyond belief that something like this exists? Are you even more frustrated that Facebook and Tumblr, etc. still haven’t done anything about this? Let us know in the comments.