New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added linux support #31
Conversation
Hi, I've just built this plugin on Debian amd64 linux, with xulrunner 1.9.2 and iceweasel 3.6 I then ran sudo xul/platform/.../firesheep-backend --fix-permissions After this, firesheep-backend would seem to run correctly. I then zipped the folder, and added it as a firefox plugin. On start, firefox segfaulted on
|
I did it by myself and it's pretty similar than yours... indeed, your seems better (I used ifstream("/proc/net/dev") to get the interfaces). |
Hi everyone, Thanks for working on this! For elevating privileges check out PolicyKit, I believe its designed for this exactly. |
@jeremysalwen - Sorry I should have been more clear, I had to run firesheep-backend --fix-permissions once it was installed (cd ~/.mozilla/firefox/......./Linux_x86_64-gcc3; sudo ./fireshee-backend --fix-permissions). I also just installed the xpi file that the makefile generated, in build. Maybe see if that works? I'll try to check out PolicyKit tomorrow. |
After running it from the right place, I can get firesheep-backend to start dumping local cookies (although tcpdump also only seems to be noticing local traffic even on unencrypted wifi, so that seems right). However, I still get the same segfault. |
I've also managed to get firesheep-backend to work properly on Linux (Backtrack 4). However, the actual firefox extension gives an error about "Cc is not defined." It looks like it uses a component called MozPopen to read the output of the backend, and I haven't been able to get that to compile. Has anyone had any luck with that part? |
@bassman998 Perhaps it's missing dependencies? I had to install xulrunner-devel, and the firefox development libraries, then build using ./autogen --with-xulrunner-sdk=/path/to/xulrunner-dev && CPATH=/path/to/nspr make. On my machine these paths were /usr/lib/xulrunner-devel-??? and /usr/include/nspr, respectively. @jeremysalwen Do you have any more details on the crash? I'll try to upload my resultant xpi file this evening. |
@michajlo - I built using ./autogen.sh --with-xulrunner-sdk=/path/to/xulrunner-sdk && make. The resultant Makefile for MozPopen had no targets, and the unix version of MozPopenProcess.cpp includes a header file named MozPopen.h which doesn't appear to exist. For some reason, MozPopen.h is listed in .gitignore and therefore isn't in the source. I'm curious as to how anyone has managed to get the extension working in Linux, since as far as my limited knowledge can tell, it's impossible without MozPopen, which is impossible to compile without MozPopen.h. |
@bassman998 MozPopen.h is generated by the Makefile using xpidl (see mozpopen/Makefile.am). There is likely an earlier error, do you have any output? |
@michajlo The xpi you posted earlier today is giving a permission denied error when I attempt to download it. |
@bassman998 I think you may be having a problem with nspr header files. Is this fedora by the way? |
@jnew Hmmm, thought that upload failed... might have only been partial/corrupted. I'll re-upload next time I get on my linux machine. |
@michajlo I don't have any previous experience with automake, and I neglected to add a PLATFORM_LINUX section to mozpopen/Makefile.am. Without that, there weren't any errors, the mozpopen Makefile was left without any targets, and make quietly skipped that folder since there was nothing to do. Everything compiled fine, but didn't run so well. Compiles fine now, with MozPopen. Thanks for pointing me in the right direction. |
@bassman998 Could you explain what you modified in the makefile? Make skips mozpopen when I run it too. |
PLATFORM_LINUX should already be in there... see http://github.com/michajlo/firesheep/blob/master/mozpopen/Makefile.am. Are there any warnings/errors during autogen? Try a make clean first? Also, I just reuploaded the XPI which can save you the compiling. Once installed in firefox you'll need to navigate to the firesheep-backend in ~/.mozilla/firefox/... (forget the exact locations) and run it with fix-permissions as root. |
@michajlo Thanks! However, I did have to add "em:targetPlatformLinux_x86-gcc3/em:targetPlatform" to install.rdf for it to work. I guess my platform is identified as such. |
Ok, when I run fix permissions as root, I'm getting this error: ./firesheep-backend: 1: Syntax error: "(" unexpected. And, when I open the extension I get the Cc error. Is there something I missed? |
here's the full backtrace:
|
@jnew Since the XPI was compiled on x86_64, I think firefox is having a hard time with the shared object. You'll probably have to compile for your platform, and in configure.ac, and the Makefile.am's change any occurences of x86_64 to x86. @jeremeysalwen Is this from the one you compiled yourself or the xpi I uploaded? |
@michajlo Ok. I changed all occurrences to x86, then attempted to compile. I hit some errors. I'm not exactly the most experienced, so I'll put the output here and if possible, could someone point out a mistake?
|
@jnew You need to get the http-parser dependency, do 'git submodule update --init'. Also, won't hurt to install libtool. |
@michaejlo This is from my compilation. The download you posted allows firefox to load, but gives the undefined reference error "Cc" when I click on preferences. |
@michajlo Alrighty, that's done. Thanks for all the help so far. However, make failed again. Here's an excerpt. I should probably mention this is my first time using git, so I'm learning a ton in the process hahaha.
|
You most likely need to install libpcap-dev and libboost-dev |
@jeremysalwen That did it. Thanks! Everything is working as far as I can see. |
It works!! I decided to start fresh with the code from michaejlo's branch. From there, I had to make some changes from x86_64 to x86. After that, it compiled and loaded into Firefox, but caused Firefox to crash. I noticed that when make tried to build MozPopen.so, it was returning a warning.
It looked like the "-Wl,-executable_path,/root/xulrunner-sdk/bin/xulrunner-bin" portion was telling it to use xecutable_path as the entry point, so I deleted that from the Makefile, since I couldn't tell where it was coming from in the autogen process. Now it compiles, loads, and captures. |
After manually deleting xpi/platform/linux.../MozPopen.so (make clean does not delete it), I got it to actually rebuild the entire plugin. However, I noticed the same warning bassman had. I made the same changes he did, and it compiled without warning. Now it seems to be working. I am able to capture local ethernet cookies. However, it doesn't seem to be listing my wifi device. It instead has a blank name under the preferences tab. I will have to test if that blank entry will really work with my wifi card. |
Have we established the ability to capture external sessions? I just tested with an open network, and I was not able to capture any but my own. I have an Atheros card in an Eee 1005ha, fairly certain it supports promiscuous mode. |
@jnew From what I can tell, I think you need to put it in monitor mode to capture other computers' packets, but then you will be unable to access the network yourself. To put your card into monitor mode, do |
I wrote a tutorial-for-dummies to install this on a linux system, aimed specifically at Ubuntu (because that's what I'm on). I tested it from scratch on a fresh install of Ubuntu 10.10 64-bit, and it works, but Its pretty long so I'm not sure if I should post it here. If not, I'm not sure what a better place would be for it. |
@FuegoFro Upload it to some site like www.pastebin.com if you don't own your own. Just paste the link here. |
@falseteeth Thanks for that site! Here is the tutorial I made. Hope some people find it useful! |
@FuegoFro, concise guide man however I still have two problems.
@michajlo, I finally had time to try your suggestions here is the output of the commands you suggested: MozPopen.so: file format elf32-i386 ldd MozPopen.so
Everything appears ok to me, any suggestions? |
Forgive me, but I am entirely new to the realm of linux and am trying to follow your instructions. When I run your first line of code in the terminal ("sudo apt-get install build-essential autotools-dev automake autoconf git xulrunner-1.9.2-dev libpcap-dev libboost-dev aircrack-ng") I get this message: Package git is not available, but is refered to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source. What should I do? |
I am using bassman998 xpi on my acer aspire one (maverick, firefox 3.6). It works good, captures my data and data of other people using arpspoofing. I have the same problem that it doesn't work in monitor mode, but that isn't really bothering me. The xpi doesn't work in firefox 4, it gives you a cc error, so I was thinking that the cc errors other people here are getting might be because of a wrong firefox version. |
@jimbauwens It is NOT designed to only capture other people's data with ARP spoofing. Yours is not working properly. |
@falseteeth I wouldn't go so far as to say that firesheep is not working properly, it seems to be doing exactly what the code intends. It helps you pick an interface, anything that will have ethernet headers, and then passes that interface to http_sniffer, which does the session reconstruction. Firesheep backend sends these reconstructed sessions to firefox via mozpopen, where they are searched for session cookies. That interface can be anything as long as pcap can open it. I'm fairly certain that the reason people are having trouble with their interfaces not picking up all traffic is not firesheeps fault, but something to do with some obscure kernel settings, other processes mucking with the wireless card, or some hardware feature (my next stop is to start checking datasheets). @mickflemm If your modifications do what it sounds like they do, that's awesome :) |
@Wyko Try changing "git" to "git-core". |
@michajlo how can i send them to you ? |
@Kamek I didn't run into that problem when I tested the tutorial on a fresh install so I don't have first hand info, but if you look earlier in this thread you'll find that bassman998 was able to fix this issue by deleting the offending line (eg.: -Wl,-executable_path,/usr/lib/xulrunner-devel-1.9.2.12/bin/xulrunner-bin) from the "Makefile" file (note that that's different from "Makefile.am"). |
Can someone go into detail and explain where I'm supposed to find MozPopen.so? I do not see a file named that anywhere in my Firesheep folder. Does this mean it didn't install/compile properly? |
A few infos on what i've done... I changed firesheep-backend to use 802.11 monitor interfaces with radiotap headers (mac80211 provides this, just use iw command to add it and give it the same ip with your wlan -it won't send or receive anything so no problem, if you have one use route command to clean it up-). The thing is that monitor interfaces don't provide ethernet packets that firesheep-backend can handle, they provide raw 802.11 frames with radiotap header and SNAP encapsulation so I had to change the code to accept monitor interfaces and deal with different headers etc (802.11 header is of variable length) and malformed packets (I skip all header checks for now but I have to add some error checking stuff). My current code is prety nasty and i don't have much time to clean it up, I just wanted to see that it works and after it did (and I got all fb accounts on the local hotspot -notifying their owners to use ToR-) i left it. Using monitor interfaces you can get packets from any open wireless network your card can see, it's not like promisc mode when you see only packets on your own network. |
I am having a similar problem as Kamek.
@Kamek did u solve that problem? |
Brilliant. Now, I'm a little lost in using iw after installing. Which command did you run and how? I don't want to break it, an I can see where to plug in the wlan0 device, but I'm not sure how it connects to the firesheep backend. Can you give us some more specifics? Messy code is fine, if it runs. ;) |
@Kamek, cromadon This was talked about above. You did not symlink the libraries from the /.mozilla/firefox-[version]... /lib/ foler to the /usr/lib folder. you also need to fix permissions on the firesheep-backend to get the interfaces. |
General question: |
I am having a similar problem as Kamek.
Same here. |
@FuegoFro, wow that from a guy who couldn't git clone a repo. I'm stunned. bassman was unclear in his post about what he changed and where he changed it, so I was asking for clarification. It seemed to me as if he was saying to only take out the -executable_path to me, as all he said was this "part" and that executable_path was messing something up. I'll rtfm if you will. |
@cromadon, no sorry I haven't had alot of time lately. Hopefully I'll mess with it this weekend. |
@Kamek Point taken. I'm sorry, I didn't mean to be rude. |
@FuegoFro I used your guide, followed every instruction, and I run ./firesheep-backend at0 tcp 80, but it still only shows packets sent to/from my computer. What am I doing wrong? My card fully supports monitor mode (and packet injection) by the way. I also ran dmesg, and at0 is indeed entering promiscuous mode. It's not picking up anything from anyone else, though. |
btw @executable_path is only used on Mac OS X as far as i know, it's the place where it expects to find XUL library (binary). I tried to compile firesheep on 10.4 but with no luck... I'm cleaning up the code and i'll post them so you can test. |
@FuegoFro, no problem. I didn't see the part about symlinking the lib's to /usr/lib, is there any way you could update your guide to include this? Sorry to be a dick, it's been a long day. I was thinking perhaps someone should make a forum or something where we can discuss this, as this page is getting way too unorganized. |
I used michajlo's work and added Linux support from scratch fixing various autoconf/automake isues, adding policykit support etc. Instructions: git submodule update --init I'll put 802.11 monitor support asap ;-) |
I'm having trouble finding the SDK. Where should I be looking? I tried: But it did this: autoreconf: Entering directory -Wyko |
for me it was /usr/lb/xulrunner-devel-1.9.2/ |
added monitor support... |
Note, you must disable the default firefox apparmor profile or it won't let the plugin run. |
I'm going to mark this issue closed since development has moved here: |
Added basic linux support using what's available in libpcacp. I have it running on my laptop and i can see my sessions getting picked up, though i don't have an unencrypted network to test it on for external sessions, but I'm pretty confident it will work.
Note, you will need to run firesheep-backend --fix-permissions as root manually, I couldn't think of a common linux privilege escalating scheme except 'su'.
Finally, it shouldn't conflict with OSX or windows versions, though I don't have the environments handy to build and check.