A Firefox extension that demonstrates HTTP session hijacking attacks.
- Eric Butler email@example.com
- Ian Gallagher firstname.lastname@example.org
- Michajlo Matijkiw email@example.com
- Nick Kossifidis firstname.lastname@example.org
Start by grabbing the code using Git. If you're planning to contribute, fork the project on GitHub.
$ git clone https://github.com/codebutler/firesheep.git $ git submodule update --init
See instructions for your platform below. When done, an xpi will be created inside the
build directory. Load the extension into Firefox by dragging it into the Addons dialog.
Mac OS X
- Install boost using Homebrew (
brew install boost).
- Download and extract the Mozilla SDK. You'll probably want the i386 Gecko 1.9.2 download.
- Run autogen, specifying the path where you extracted the Mozilla SDK to (
If you're using 10.6 (Snow Leopard) and xpidl complains about libIDL, copy everything in contrib/osx/ to ~/lib/.
Ubuntu Linux (10.10 Maverick)
- Install build dependencies (
sudo apt-get install autoconf libtool libpcap-dev libboost-all-dev libhal-dev xulrunner-1.9.2-dev).
This has so far only been tested on Windows XP (32-bit), however the binaries work fine on Windows 7 too. If you can help simplify this process please let me know.
- You'll need Microsoft Visual Studio 2005. The express edition should work too, but this hasn't been tested. Newer versions of Visual Studio should also work, but the Makefiles might need a bit of tweaking. Patches in this area greatly appreciated.
- Install Cygwin, selecting the following packages:
- Install BoostPro. Choose Visual C++ 8.0 and Multithreaded debug, static runtime.
- Install WinPcap.
- Download and extract the Mozilla SDK (Gecko 1.9.2).
- From a Cygwin command prompt: Run autogen, specifying the path where you extracted the Mozilla SDK to (
./autogen.sh --with-xulrunner-sdk=/path/to/sdk) then run