Added Linux support (again) #70

Merged
6 commits merged into from Nov 14, 2010
@mickflemm

I used michajlo's work and added Linux support from scratch, fixing various autoconf/automake issues, adding policykit support etc. It works out of the box ;-)

Support for 802.11 monitor interfaces on the way...

mickflemm added some commits Nov 5, 2010
@mickflemm mickflemm * Added linux support using Michajlo Matijkiw's work with various fixes
 * Needs policykit installed (no need to manually set permissions on backend)
f6ced0a
@mickflemm mickflemm * Added support for 802.11 monitor interfaces with radiotap headers …
…(that means radiotap header + 802.11 header + LLC + data)

 * Added __packed__ attribute on all structs that we map directly to the packet buffer (headers mostly). Without it the compiler aligns their elements based on cpu/os etc to optimize performance and this can result in bad mapping. On visual studio we use the __pragma(pack()) attribute (but haven't tested it, it should work).
f5056ff
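The struct-packing point in the commit note above, as an added example that is not code from this pull request: it shows the padding a compiler may insert, and a bounds-checked way to locate the 802.11 header behind a radiotap header. The struct and function names and the sample frame are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed pair: identical members, with and without packing. */
struct unpacked_demo { uint8_t tag; uint32_t value; };
struct packed_demo   { uint8_t tag; uint32_t value; } __attribute__((__packed__));

/* Fixed part of a radiotap header. All fields are little-endian on the wire. */
struct radiotap_hdr {
    uint8_t  version;   /* 0 in the current radiotap format */
    uint8_t  pad;
    uint16_t len;       /* length of the whole radiotap header, optional fields included */
    uint32_t present;   /* bitmap of optional fields that follow */
} __attribute__((__packed__));

/* Constructed sample: 12-byte radiotap header followed by zeroed frame bytes. */
static const uint8_t sample_frame[40] = {
    0x00, 0x00, 0x0c, 0x00,   /* version 0, pad, len = 12 (little-endian) */
    0x04, 0x80, 0x00, 0x00,   /* present bitmap (constructed value) */
    0x02, 0x00, 0x18, 0x00    /* optional fields (constructed values) */
};

/*
 * Return the offset of the 802.11 header inside a monitor-mode capture,
 * or -1 if the buffer is too short or the radiotap length is inconsistent.
 * The length comes from the packet, so it is checked against caplen before
 * anything is read at that offset.
 */
long dot11_offset(const uint8_t *frame, size_t caplen)
{
    struct radiotap_hdr rt;
    uint16_t rt_len;

    if (frame == NULL || caplen < sizeof rt)
        return -1;
    memcpy(&rt, frame, sizeof rt);          /* copy instead of casting: no unaligned access */
    if (rt.version != 0)
        return -1;
    /* Decode from bytes so the result is right on big-endian hosts too. */
    rt_len = (uint16_t)(frame[2] | (frame[3] << 8));
    if (rt_len < sizeof rt || rt_len > caplen)
        return -1;
    return (long)rt_len;
}

int main(void)
{
    printf("unpacked=%zu packed=%zu radiotap_hdr=%zu\n",
           sizeof(struct unpacked_demo), sizeof(struct packed_demo),
           sizeof(struct radiotap_hdr));
    printf("802.11 header offset: %ld\n",
           dot11_offset(sample_frame, sizeof sample_frame));
    return 0;
}
```

Packing fixes the layout but not byte order or alignment, which is why the length is decoded from individual bytes and the header is copied out with memcpy.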
@mickflemm

Done !

Some instructions:

Compile/Install:
git clone git://github.com/mickflemm/firesheep.git
cd firesheep
./autogen.sh --with-xulrunner-sdk="path to xulrunner sdk"

git submodule update --init
make

grab build/firesheep.xpi and install it on firefox

Setup a monitor interface:
iw wlan0 interface add mon0 type monitor
ifconfig mon0 up
go to preferences->interface and choose mon0

now you should see sessions from any open network your card can hear (not just the one you are connected to)

The first time you run it you should press "Start Capturing" and polkit will ask for your root password in order to set proper permissions to firesheep-backend. Then you'll be able to choose interfaces and play with it. If polkit doesn't work for you just do it manually:

cd ~/.mozilla/firefox/wmv3s5gw.default/extensions/firesheep\@codebutler.com/platform/Linux_x86-gcc3/
(wmv3s5gw.default should be different in your case)

sudo ./firesheep-backend --fix-permissions

@codebutler
Owner

Awesome, thanks for collecting this all into one commit.

A few questions:

  • Is it possible to use pkg-config instead of requiring the --with-xulrunner-sdk configure parameter, or will attempting to use the system xulrunner-dev package be a nightmare for x86_64 systems? I'm assuming everyone's been using the SDK tarball from Mozilla, but I haven't been following very closely.
  • Can you add pkg-config checks for boost and libpcap, and then use the _LIBS variables created by that?
  • Is there an API to use instead of pkexec? The frontend assumes that fix_permissions() will return false if the user (for example) cancels the password dialog, which won't happen with exec(). The hard-coded path may also be a problem. Probably not a huge deal.
  • Do the devices returned by pcap_findalldevs() contain useful descriptions or will it be necessary to pull in devicekit/network-manager/connman madness? On Windows the description returned for some devices is fine and for others is useless, leaving some people confused.

Thanks again,
Eric

EDIT: Reviewed this right before your second commit, haven't had a chance to look through it yet.

@mickflemm

This sucks, I know. Since firesheep-backend gets suid one can use this execl call for privilege escalation. It's just a quick and dirty way to call policykit via pkexec. Using polkit the correct way is a lot of work right now.

@mickflemm

I'll work on pkg-config asap, haven't looked at it much (I have an x86_64 to test so no problem there). As for the polkit API yes there is one but it's complicated (plus I think we need to install a policy file on /etc/polkit) and I don't have much time right now to look at it. Polkit is the only desktop-independent way to do this without command line (works on both gnome/kde). I'll think of a way to handle the return code, as for the hardcoded path it shouldn't be a problem, all distros install pkexec on /usr/bin (but we can get it with "which pkexec" and use that instead I guess).

Thanks for your work ;-)
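The two pkexec concerns raised above (an exec from a setuid binary, and a frontend that never learns the dialog was cancelled), as an added example that is not code from this pull request. It assumes the helper is launched by fork/exec from a process that may be setuid root; run_and_wait, classify_pkexec and fix_permissions_via are hypothetical names, and the 126/127 exit codes are the ones documented in the pkexec man page.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum helper_result {
    HELPER_OK,         /* helper ran and exited 0 */
    HELPER_CANCELLED,  /* pkexec exit 126: user dismissed the authentication dialog */
    HELPER_DENIED,     /* pkexec exit 127: not authorized, or pkexec could not run */
    HELPER_FAILED      /* fork/wait error, death by signal, or another exit code */
};

/* Fork, exec `path` with a fixed minimal environment, and return its exit
 * code. Returns -1 on a relative path, fork/wait failure, or a signal. */
int run_and_wait(const char *path, char *const argv[])
{
    static char *const clean_env[] = { "PATH=/usr/bin:/bin", NULL };
    pid_t pid;
    int status;

    if (path == NULL || path[0] != '/')   /* absolute path only, no $PATH lookup */
        return -1;

    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child: give up any setuid/setgid identity first, so the program we
         * exec never inherits root from this binary. pkexec then has to
         * authenticate the real user itself. */
        if (setgid(getgid()) != 0 || setuid(getuid()) != 0)
            _exit(127);
        execve(path, argv, clean_env);
        _exit(127);                       /* exec failed */
    }
    while (waitpid(pid, &status, 0) < 0) {
        if (errno != EINTR)
            return -1;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Map an exit code to a result. Note that a helper which itself exits with
 * 126 or 127 is indistinguishable from pkexec's own codes. */
enum helper_result classify_pkexec(int code)
{
    switch (code) {
    case 0:   return HELPER_OK;
    case 126: return HELPER_CANCELLED;
    case 127: return HELPER_DENIED;
    default:  return HELPER_FAILED;
    }
}

/* Hypothetical wrapper for the frontend: 1 only if the helper succeeded. */
int fix_permissions_via(const char *pkexec_path, const char *backend_path)
{
    char *argv[] = { "pkexec", (char *)backend_path, "--fix-permissions", NULL };
    return classify_pkexec(run_and_wait(pkexec_path, argv)) == HELPER_OK;
}

int main(void)
{
    /* /bin/sh exiting 126 stands in for a cancelled dialog (constructed). */
    char *demo[] = { "sh", "-c", "exit 126", NULL };
    printf("result=%d\n", classify_pkexec(run_and_wait("/bin/sh", demo)));
    return 0;
}
```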

@mickflemm

btw this is what --list-interfaces returns, most of the time there is no description from pcap...
{"wlan0":{"name":"wlan0","type":"ethernet"},"mon0":{"name":"mon0","type":"802.11 monitor"},"eth1":{"name":"eth1","type":"ethernet"},"lo":{"name":"lo","type":"ethernet"}}

I don't know if we should use devicekit but I'll look into it...

@mickflemm

DeviceKit is new and poorly documented, I'll go with HAL, everyone supports HAL. However I don't expect much; on my system Network Manager, DeviceKit and HAL all report things like "WLAN interface" or "Networking Device" etc :P Something is probably missing...

@Wyko

I finally figured out where the SDK was! (/usr/lib/xulrunner-devel-1.9.2.12/)

However, when I "Make," it gives me a long string of errors. I figured I'd post the errors in pastebin rather than spamming this board. :)

http://pastebin.com/X8zSPFYn

@Gardn

mon0 isn't coming up in preferences. Ideas to fix that? everything else went through, though I did have to run iw and ifconfig as root. dunno if that matters.

Thanks so much for your work, this will be epic. :D

@Gardn

oh. and after running everything, I was getting errors running make, so I couldn't grab your xpi so I used the one from the previous thread. would that make a difference?

@FuegoFro

@Wyko I don't know if it will completely fix your problem, but try running:
make CPATH=/usr/include/nspr
That resolved a lot of similar errors for me. I am however still getting errors on the MozPopen compile during make.
MozPopenModule.cpp:1: error: bad value (amd64) for -march= switch
MozPopenModule.cpp:1: error: bad value (amd64) for -mtune= switch

@Wyko

@FuegoFro That solved everything! It built perfectly and runs well. Thanks!

I just have two questions:

One; I was unable to get Firesheep to capture cookies from my network... until I decided to try changing the network from a WEP encrypted one to a totally unsecured network. Then it worked! Does Firesheep not work on WEP networks that you already have a key for?

And question number two: Can Firesheep (used and built in the manner that you describe in the first post) catch logins from people not on your network, but on nearby networks? Because a minute or two after I opened my network publicly and I finally began to have Firesheep work, I also randomly caught a login from a stranger on facebook. I suppose she could have logged in to my network, but my router's security page doesn't see her as connected to my wireless AP. Is there an easy way to tell in linux who is connected to a particular wireless ap?

Thanks for all of your help guys!

@Gardn

It should pick up cookies from any wireless network your card can 'hear', is my understanding, so a nearby network you're not connected to, but could be, (unsecured network) would produce firesheep traffic.

I'm not finding anything on google for my error:

Making all in mozpopen
make[1]: Entering directory /home/andrew/firesheep/mozpopen'
mkdir -p ../xpi/components
/usr/local/bin/xpidl -m typelib -I /usr/lib/xulrunner-1.9.2.12/idl -e ../xpi/components/MozPopen.xpt MozPopen.idl
Can't locate CORBA/IDL/Parserxp.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.10.1 /usr/local/share/perl/5.10.1 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .) at (eval 26) line 3.
make[1]: *** [../xpi/components/MozPopen.xpt] Error 2
make[1]: Leaving directory
/home/andrew/firesheep/mozpopen'
make: *** [all-recursive] Error 1

can anyone help?

@falseteeth

Incredible. It actually works.

Do I need to recreate the mon0 interface every time I restart, though?

@mickflemm

I just woke up and finished with pkg-config stuff, no need to use --with-xulrunner-sdk anymore it's automatically detected, also pcap doesn't have pkg-config files but pcap-config instead. I couldn't find anything for boost though ;-(

Also I'm almost done with getting interface descriptions from HAL (info.product) so we'll have sane descriptions instead of wlan0.

Policykit is next (hope I can find some time during the weekend)...

About the monitor interface:

a) Your card should support it, for a list of supported cards/drivers visit wireless.kernel.org
b) You should create it each time you want to use it using iw wlanX interface add monX type monitor
c) If it doesn't show up on the list it's because you didn't bring it up (ifconfig mon0 up)
d) If you get other errors try assigning it an IP (there is no need to have an IP on the monitor interface but anyway, anything will work; don't use an IP on the same subnet or you'll mess up routing)

@mickflemm

Oh also about the amd64 flag, it seems newer gcc versions removed it, amd64 was a generic flag to support both amd and intel 64bit cpus. I switched to -march=athlon64 -mtune=generic and wish it'll also work on 64bit intels.

@Gardn

I still can't get it to compile though.

@mickflemm

I haven't pushed the changes yet, I'll do it later today.

@mickflemm mickflemm * Use pkg-config for xulrunner paths
 * Use pcap-config for pcap library paths
 * Use boost.m4 for boost library paths
 * Change -march to more generic 32bit and 64bit flags (note amd64 flag is gone on newer gcc versions)
398abff
@mickflemm

@codebutler: Done with pkg-config stuff, xulrunner, pcap (through pcap-config) and boost (through boost.m4) all ready ! ;-) Tested on x86 (Gentoo) and x86_64 (Ubuntu).

It should work on windows too but I can't test it (I was more optimistic on OS X but I also can't test it) ;-(

@all no need for --with-xulrunner-sdk anymore plus it'll tell you when you don't have a required lib.

@mickflemm

Ah, I also used relative paths on mozpopen/Makefile.am instead of absolute

@Jolsch

Nice work mickflemm! I really want to try your software, but how do I remove the version of michajlo? I am just making the transition from Windows to linux and I have no clue about how this works. I normally install software with 'sudo apt-get install [name]' and remove it with 'sudo apt-get remove [name]'. Downloading sources and compiling was kind of new to me, but removing software is another thing. How does it work?

@Kamek

Note, you must disable the default firefox apparmor profile or it won't let the plugin run.

@mickflemm

Just follow the instructions on the first post but instead of ./autogen.sh --with-xulrunner-sdk="path to xulrunner sdk" just type ./autogen.sh.

Also make sure you have the following packages:

autoconf
xulrunner-dev
libboost-dev
libpcap-dev

@mickflemm mickflemm * Skip non-data frames in monitor mode (it shouldn't happen since fi…
…lter is set but let's be safe)

 * Silence compiler (init ip and ipv6 structs to NULL)
3d80591
@FuegoFro

Works like a charm. Brilliant! :)

@SanderKleykens

aclocal 1.8.5 gives an error: aclocal: unrecognized option -- `-I.'
Changing this line to "ACLOCAL_AMFLAGS = -I ." fixes it.
Note the space between -I and the dot.

Thanks, I missed that one, it's weird because it uses boost.m4 correctly...

You couldn't have possibly foreseen it, since this only appears to happen on old aclocal versions.
I stumbled on it because I'm trying to compile it for Maemo 5.

You're doing a great job by the way.

@ozanguven

I have tested on archlinux x86_64 (2.6.35-ARCH) with "Ralink RT2870" wireless usb adaptor and it works...

@Raa42

Thanks for your work, mickflemm !

I get an error running the autogen :

"No package 'hal' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables HAL_CFLAGS
and HAL_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details."

So the makefile is not created and make will not run...

I checked /usr/lib/pkgconfig : hal.pc is missing, and I haven't a clue how to create it.

@Kamek

@Raa42, sudo apt-get install hal libhal-dev

@Ballz2TheWallz

Can anyone help me? I get errors when I try ./autogen.sh, here is my config.log file

http://pastebin.com/WZGZvTuB

@Raa42

Thanks, Kamek, libhal-dev was missing.
Now it builds !

Another problem :
The xpi is now installed on Firefox, but I can't see any interface in the list...
I tried with both iw and airmon : both are creating a working mon0 interface, but the list in Firesheep configuration stays empty... (after a Firefox restart, of course)

EDIT : solved, Firefox needs to be run as root

@Ballz2TheWallz : any error message in the output console ?

@Ballz2TheWallz

As far as I see everything outputted to the console is in the log file as well.

@Raa42

Have you tried (re)installing gcc and binutils ?
edit : and g++, libc6-dev...

@Ballz2TheWallz

Did that, here is the output from the terminal now

http://pastebin.com/Gmw1wAEu

@Raa42

"No package 'libxul' found"

Try this :
sudo apt-get install libxul0d libxul-common libxul-dev

@Ballz2TheWallz

Reading package lists... Done
Building dependency tree

Reading state information... Done
Package libxul0d is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package libxul0d has no installation candidate

@Raa42

What about libxul-dev ?
Maybe it will be enough.

@Ballz2TheWallz

None of them have installation candidates.

@Raa42

I checked on my system, the closest package is xulrunner-dev.
sudo apt-get install xulrunner-dev

@Ballz2TheWallz

Okay, how do I grab and build firesheep now? I assume I have to because the version of the website just says it's not compatible.

Thanks for all the help by the way.

@Raa42

After the autogen :

git submodule update --init
make

grab build/firesheep.xpi and install it on firefox

Setup a monitor interface:
sudo iw wlan0 interface add mon0 type monitor
sudo ifconfig mon0 up

go to preferences->interface and choose mon0

(from the first post)

@Ballz2TheWallz

My bad, I thought it was an additional step and didn't realize it was a directory and file.

So I did the iw/ifconfig, tried running firesheep and there is still nothing next to interface.

@Raa42

Select the gear at the back of the interface, then Preferences.
And select your interface in the list.

If the list is empty, you have the same problem as I had.
Solution is to run Firefox as root (sudo).

@Ballz2TheWallz

Thanks, running as root did it.

@Gardn

Should this pick up other computers on a secured wifi, if I'm on said secure connection? curiosity thing.

Huge huge congratulations and thank you MickFlemm, for his wonderful work. Well done.

@Jolsch

I installed the software (+ extra packages) on my laptop with Ubuntu 10.10 and got no errors. I see my devices listed and when I put my network card in monitor mode with 'airmon-ng start wlan0' I see my 'mon0' card also. But I do not know for sure if it works. Tomorrow I'll try to grab some open network traffic and I'll post the results.

@Gardn: I do not think so. When I run firesheep I do not see sessions from other computers in my network. I think it is only possible with some sort of man in the middle attack (arpspoof).

@mickflemm

The reason you don't see interfaces on the list is because I haven't fixed the policykit thing yet, I'll work on it asap (instead of running firefox as root you can run firesheep-backend --fix-permissions as described on the first post).

Thanks a lot for your kind words but if it wasn't for Eric we wouldn't have this baby to play with, I'm just doing my part ;-)

@sic3230

@Gardn - What was giving you the error while compiling? I'm getting the same error, [all-recursive] Error 1.

edit: nevermind, I was skipping the line after running ./autogen.sh "git submodule update --init"
compiled successfully.
second edit: FINALLY got it working! I've been trying to get this running off a Backtrack live cd, and finally gave up on that and installed a fresh copy of ubuntu. Working perfectly now, many thanks to mickflemm and codebutler.

@Gardn

@ Jolsch my understanding, @codebutler correct me if I am sorely mistaken, is that the goal of this is to grab info from all unsecured wifi in the area, whether you're connected to that particular network or not.

And correct me if I'm wrong again, but making this only available by using a MITM maneuver would defeat the purpose of the entire experiment: putting this kind of insecurity in the hands of the general user to raise awareness of web sites' like facebook's failure to properly secure information. It must be incredibly simple for the entire point of the exercise to be valid.

Again, thanks, and kudos to everyone who put serious work into this.

@sic 3230: glad you got it. :) well done.

@Wyko

@Gardn Agreed; the point of the matter is that there are websites with woefully insecure connections. So the question is; how could we make Firesheep work to incorporate the MiTM attack, or is there an easier way to use Firesheep over WEP secured connections (at least those you have the WEP key for)?

@Kamek

As I understand it, most people only set 1 wep key index which means that firesheep should be able to hear another wireless client and decrypt its traffic even on a wep secured network (if you could call it that) in that event.

@juliensobrier

I get an error with firesheep-backend on CentOS5:

./firesheep-backend --fix-permissions

./firesheep-backend --list-interfaces

terminate called after throwing an instance of 'std::logic_error'
what(): basic_string::_S_construct NULL not valid
Aborted

I tried as sudo user and root, no difference

@kofshinobi

I created an account just to tell the developers that they are geniuses. Thanks this has been a fun learning experience for someone new to Linux.

@xavierzwirtz

Could someone please compile and post this. I'm using backtrack 4 and can't get the latest xulrunner, so it won't compile.

@TrojanWin32

My trouble is coming from the adding monitor part. I'm fairly new to Linux and may be missing something simple, but here is what I am entering into terminal as well as what is being returned:

I enter:

:~$ sudo iw wlan0 interface add mon0 type monitor

and I am getting back this message:

command failed: Too many open files in system (-23)

Can anyone explain to me what is going on and why? Thank you all very much.

@Raa42

@ TrojanWin32 :
I had the same error when mon0 was already created.
Run ifconfig to see if mon0 already exists.

About WEP :
I tested it on a WEP protected network, but it doesn't detect anything.
When I run Wireshark, I can see the cookies of facebook, live.com in some data packets...
But Firesheep finds nothing.
Any guess ?

@Raa42

@ mickflemm :
I missed the fix-permissions trick, thanks !

@ VoiceOfWisdom & bugbegone :
Will a xpi compiled on another system work for you ?
If you want to try with mine : http://dl.free.fr/okQZuviCu
Compiled on Ubuntu 10.4 / kernel 2.6.32-25...

Tell us if it works !

@TrojanWin32

Through some searching and trickery (airmon-ng), I managed to get this from
~$ iwconfig:

lo no wireless extensions.

eth0 no wireless extensions.

wlan0 IEEE 802.11bg Mode:Monitor Frequency:2.462 GHz Tx-Power=20 dBm

Retry long limit:7 RTS thr:off Fragment thr:off
Power Management:off

mon0 IEEE 802.11bg Mode:Monitor Tx-Power=20 dBm

Retry long limit:7 RTS thr:off Fragment thr:off
Power Management:off

...which I thought was great, but I am unable to connect while wlan0 is in monitor mode, so I turned that back to managed mode and left mon0 the way it is. Seemed like it should have worked, but there is still nothing under interfaces on F/sheep.

Am I even close?

@xavierzwirtz

Using Raa42's xpi I was able to install the addon. However whenever I run the fix permission thing I get this error "./firesheep-backend: /usr/lib/libstdc++.so.6: version 'GLIBCXX_3.4.11' not found (required by ./firesheep-backend)".

@Gardn

hey, getting an iw error on my brand new laptop.... :-\ one I didn't get on the other machine.

nl80211 not found. From googling furiously I find that this means I don't have the driver. However, under administration there is a windows wireless drivers option, and I know where the windows drivers are stored (dual booting). Can I run through the drivers till I find one that works?

@Raa42

@ VoiceOfWisdom :
try
sudo apt-get install libstdc++6
and/or
sudo apt-get install libstdc++6-4.4-dev

@xavierzwirtz

Whenever I run "sudo apt-get install libstdc++6" I get the message "libstdc++6 is already the newest version". And whenever I try to run "sudo apt-get install libstdc++6-4.4-dev" it can't find it.

@xavierzwirtz

Okay I did a search of my apt-cache and found that the latest version of libstdc++ is 6-4.3 . Is there any way I can get the latest version for backtrack?

@martinp

Just a quick heads up for Ubuntu users. I needed the following packages to make it compile and run on Ubuntu 10.10 amd64:
sudo apt-get install hal libhal-dev autoconf libboost-dev libpcap-dev xulrunner-dev

@hellocatfood

When running "iw wlan0 interface add mon0 type monitor" I get nl80211 not found, which I guess relates to it not supporting 802.11 monitor interfaces (yet)

@hairypete

@ Raa42 Your xpi works out of the box for me. Acer Laptop, 10.04 lts and a built in atheros wireless card that runs on MadWifi drivers.

Installed your xpi

ifconfig ath0 down
sudo airmon-ng start wifi0

both ath0 and ath1 were created

sudo ifconfig ath1 up

sudo firefox (will fix permissions after writing this)

Then point firesheep to ath1 in preferences.

Thanks a lot man!

@joethetrader

@Raa42
Your xpi installs for me also. fix permissions also gave no error. Sorry if this has been asked, but when I try to access the preferences pane, I keep getting a window

[Javascript Application]
ReferenceError: Cc is not defined

And I can't choose any interfaces, since none show up.

wifi card in monitor mode, running on BT4

any help appreciated!

@martinp

@joethetrader
That error means that you're missing hal. You need to have hal installed for the interface(s) to show up.

@joethetrader

@martinp

hal and libhal-dev installed. Still seeing same error. Any other suggestions?

@hairypete

@joethetrader

libpcap-dev and libboost-dev

@joethetrader

@hairypete

Those were also previously installed. No dice.
Do you think it makes a difference that I didn't compile myself, but used Raa42's xpi?

@hairypete

@joethetrader

Really don't know, I just have basic knowledge about linux, and am just result oriented, no science at all here.

I use trial and error until I succeed.

I will install BT4 on the kids machine and try it out there as well. If I succeed I'll let you know.

@ptantiku

Just installed it, and it works like a charm.
Thank you guys for great work!

@philipballew

I tried to put my wi fi card into monitor mode this way:
Setup a monitor interface:
iw wlan0 interface add mon0 type monitor
ifconfig mon0 up
go to preferences->interface and choose mon0

but since that didn't work I did this

cd ~/.mozilla/firefox/wmv3s5gw.default/extensions/firesheep\@codebutler.com/platform/Linux_x86-gcc3/
(wmv3s5gw.default should be different in your case)

changing my directories from his. However when I run this:

sudo ./firesheep-backend --fix-permissions
I get an error saying this: sudo: ./firesheep-backend: command not found
I can't figure it out and didn't see it in the forums here, anyone seen this?

@polomint

Hi, thought I would just join in and give my experience...

I used Raa42's xpi. Installed it in firefox. I then closed Firefox, and then used sudo apt-get to download hal, libhal-dev, libpcap-dev and libboost-dev
Once that completed I "sudo firefox", went into the firesheep settings and selected my wireless card. Now it works great, :)

@sammydafish

I was able to build firesheep with the instructions here. I had to --fix-permissions in order to get interfaces to appear but they are there now. I get no results though when I start capturing, not from the same machine or from another test on the same network. I used airmon-ng to put the interface into monitor mode. I'm using the mon0 interface in firesheep. I'm using patched drivers on a WG111v3 USB. iwconfig shows monitor mode. If I set firesheep to my wlan0 interface (built in broadcom) I can pick up traffic from the local machine but nothing else. Did an injection test according to aircrack-ng but don't know how to test if the interface is picking up traffic. Any suggestions?

@bottiger

I'm having trouble getting firesheep to compile on ubuntu 11.04.

Here's a dump from my terminal: http://pastebin.ca/2040399 (In short: make fails compiling firesheep/backend)

I have made sure I have all the dependencies listed above, but maybe they changed in ubuntu 11.04.

@Gardn

There is no 11.04.

also, I can't get to your pastebin.ca link. Go through each of the steps above, and make sure you have xulrunner-dev.

@chenxiaolong

If Virtualbox is installed, Firesheep crashes with a HAL error:

terminate called after throwing an instance of 'std::runtime_error'
what(): libhal_device_get_property_string failed: org.freedesktop.Hal.NoSuchProperty No property info.vendor on device with id /org/freedesktop/Hal/devices/net_0a_00_27_00_00_00

The solution is just to unload the Virtualbox network adapter module and all will be fine :D

sudo rmmod vboxnetadp

@Flaburgan

An update for newer versions of firefox is on the way ?
(I can't install xulrunner in ubuntu 11.10..)

This issue was closed.