Check this FF addon
Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Check this FF addon

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Check this FF addon

    Now the bad news; it’s been made available a Firefox add-on you can install that will do everything for you: sniff the traffic, gather the cookies around and show you the different ’stolen’ cookies, so you only have to click on them to steal the session. Easy, isn’t it? Even Netkairo, the Mariposa guy, would be able to do such thing.
    I thought this was a good read ...

    http://pandalabs.pandasecurity.com/f...ng-my-cookies/

    and ... the counter! http://download.cnet.com/HTTPS-Every...-75211397.html

    Been using it and does the trick.

    EDIT: Better link: https://www.eff.org/https-everywhere
    Last edited by Cider; October 26th, 2010 at 03:48 PM.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003
    Brilliant and scary.
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  3. #3
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Interesting!

    I mostly use RJ45 connections but I am just starting to install wireless so the information is useful.

    I don't really know what to say about the skiddie tool........in one sense it is a bad thing, as a lot more people will be vulnerable now that skiddies have been brought into the frame.

    On the other hand it has brought the issue to people's attention?

    All I can suggest is that you let everyone you are in contact with who uses WiFi know about it.

    Nice post Cider!

    EDIT:

    Hmmmmm

    The skiddie tool is a FireFox plugin, as is the solution; yet all other browsers expose you to this vulnerability?

    Does anyone else get the distinct aroma of rodent?
    Last edited by nihil; October 27th, 2010 at 05:39 AM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    This is totally shocking ... I honestly dont know what to say.

    This is kind of forcing us to use FF to counter this unless you want to https everything manually. In the HTTPS anywhere addon there are quite a few ones built in but you can write your own but not every server has this capability.

    So whats the answer?
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Hi Cider,

    So whats the answer?
    Until the other browsers catch up I think that the only one is to use FireFox, as the attack is against your wireless traffic rather than the OS or an application. I believe that this only applies to public hotspots though so the other solution is just don't use them.

    I have been looking at my home setup and the hub will support 4 RJ45 cable connections, one USB connection, and Wireless (a "hub" is what we call a combined router and ADSL modem). Now, the RJ45 and USB are cable connects to the hub, and the hub connects to the ISP via the copper wire telephone cable. The connection between the hub and the telephone is a regular RJ11 cable. No worries there, as the traffic cannot be intercepted like omni-directional wireless. [OK,OK, the latest version of TEMPEST or whatever, but if the spooks are after you I think that you must have more pressing problems?]

    OK, if you are using WEP you have always been vulnerable, it's just that this skiddie tool has made it a hell of a lot easier? You really need to go to WPA, and set a strong encryption algorithm?

    At home, I would recommend cable connecting to the router or directly to the DSL modem if you are doing anything like online shopping or banking.

    My wireless connections could be sniffed by someone within range, but my router is encrypting the traffic with WPA2 PSK. When I look at what is going on around me, I see several hotspots that are using WEP

    I really don't understand that; if their router doesn't support anything better then all they have to do is call their ISP and they will be sent a free one that does!

    Just my thoughts right now, and I am no expert on the subject.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  6. #6
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Never been a fan of wireless anyways.

    I have instructed IT to move from WEP to WPA :P
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  7. #7
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Yes, I have never been a WiFi fan either, although the technology seems to have improved a lot over the past few years since broadband took off over here.

    1. The ISP's earlier hubs would only support WEP
    2. Cable connect problems (RJ45/RJ11) are usually easier to troubleshoot than WiFi ones. I even have a cable tester!
    3. I am a dinosaur

    I am now using some WiFi connections. This is because I have some older machines that do not have a network port, and I have found a source of cheap USB wireless adapters.............. they look like and connect the same as a USB memory stick. Cheaper and a lot easier that messing around with internal cards, and they can be ported from machine to machine so I only need two: one for upstairs and one for downstairs.

    I have put the new laptop in our library, which would be a very long run for an RJ45 connection (although it does have the port) and it has built in WiFi and BlueTooth. Also it means that I can use computers both upstairs and downstairs at the same time. For some reason the telephone system will not support 2 RJ11 connections.

    I can see WiFi as being very useful where a cable solution would be messy or problematic. If I do internet shopping I always use cable connect via a USB dial-up ADSL modem. That way there is no chance of a signal being broadcast.

    I have instructed IT to move from WEP to WPA :P
    Actually I was not being facetious when I mentioned that. Over here I believe that all the ISPs that give you a free hub, ship it with WEP enabled by default; you have to manually change it to WPA yourself. People just take them out of the box and connect them as is................that is why I see so many WEP connections
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  8. #8
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    I mostly use RJ45 connections but I am just starting to install wireless so the information is useful.
    I am thinking that arp poisoning would make this possible on a wired/switched network.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  9. #9
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    I am thinking that arp poisoning would make this possible on a wired/switched network.
    Quite probably, at any rate there are plenty of other vulnerabilities and exploits that will affect wired systems. It is just that this skiddie tool appears to be aimed specifically at sniffing wireless traffic.

    And the reason I mostly use RJ45s is because I already have a load of them, and I am too astute as to waste good beer vouchers on wireless cards
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  10. #10
    HYBR|D
    Guest
    FYI it's usuable on both wep & wpa

Similar Threads

  1. Check Point VPN-1 ASN.1 Buffer Overflow Vulnerability
    By ric-o in forum Firewall & Honeypot Discussions
    Replies: 1
    Last Post: July 29th, 2004, 01:08 AM
  2. Windows XP Tips
    By Nokia in forum Tips and Tricks
    Replies: 4
    Last Post: June 18th, 2004, 04:24 PM
  3. Windows 2000 Tips
    By Nokia in forum Tips and Tricks
    Replies: 0
    Last Post: June 12th, 2004, 05:13 PM
  4. more info on Henpeck Rodock worm
    By prodikal in forum Microsoft Security Discussions
    Replies: 0
    Last Post: October 12th, 2002, 10:00 AM
  5. bash script for md5 binary integrity check
    By slackwarelinux in forum IDS & Scanner Discussions
    Replies: 1
    Last Post: July 23rd, 2002, 06:24 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides