Friday, November 19, 2010

Compiling Firesheep on Linux

If you follow the (security) news a bit, you've undoubtedly heart about Firesheep. This tool makes it very easy to listen in on public WiFi connections and intercept HTTP Cookies from a plethora of social networking sites and mail services.

This has been possible for a long time (some tcpdump filters and some cookie setting scripts and you're golden), but this tool makes it insanely easy. You can check out the tool and its description on the main site.

The site mentions that Linux support is on the way, and recently it has become possible to successfully compile the tool on Linux. This is what I did to get it running on Ubuntu 10.10.

cd ~git clone git://github.com/mickflemm/firesheep.git
cd firesheep/
./autogen.sh --with-xulrunner-sdk=/usr/lib/xulrunner-devel-1.9.2.12

This will configure the makefile, this will probably fail until you have installed all the right dependencies. Below are the ones I was missing, yours might differ! Check the output for hints on which package you need to install.

sudo apt-get install libxul-dev xulrunner-devsudo libpcap-devsudo libhal-dev
# Now configure should succeed:
./autogen.sh --with-xulrunner-sdk=/usr/lib/xulrunner-devel-1.9.2.12

We now need to make a small change to the makefile.

gedit mozpopen/Makefile

Change the MOZ_CFLAGS = ... line to:

MOZ_CFLAGS = -fshort-wchar -I/usr/lib/xulrunner-devel-1.9.2.12/include -I/usr/include/nspr

Now we start compiling.

make

This will probably fail with the message:

make[1]: *** No rule to make target `deps/http-parser/http_parser.c', needed by `../xpi/platform/.../firesheep-backend'.  Stop.

This is fixed by running a submodule update:

git submodule update --init

And make again:

make

You'll now have an extension in the build directory. Drag the .xpi to Firefox to install Firesheep, then close Firefox completely.

Firesheep expects your wireless interface to be in monitor mode. The easiest way to do this is to use airmon-ng:

sudo airmon-ng start eth1 #Substitute your wireless interface name

Now start Firefox with root rights:

sudo firefox

Go to Tools → Add-ons, and open the Firesheep Preferences under the Extensions view. Another window opens. Set the Capture Interface to mon0.

Press CTRL+SHIFT+S to open the Firesheep sidebar and to start capturing.

Good luck. Also, be sure to check out Blacksheep, a tool to detect Firesheep tampering on your network.

8 comments :

  1. Thanks for the tutorial. I ran into one problem that you didn't cover; on my machine I was getting a "ReferenceError: cc is not defined".
    I got around the problem with the help of https://github.com/codebutler/firesheep/issues#issue/8/comment/556044
    and when starting Firesheep I had to select mon0.

    ReplyDelete
  2. I see. I take it you had to (re)install libpcap?

    I mentioned mon0 in the last part ("Go to Tools → Add-ons, and open the Firesheep Preferences under the Extensions view. Another window opens. Set the Capture Interface to mon0."). :)

    Blogger also ate some of my line breaks in the code (again), fixed.

    ReplyDelete
  3. Hello macu,
    first of all grat blog,
    second: i need libxul, i'm running 10.10 x64 where did u get it?

    thanks,
    Gianni

    ReplyDelete
  4. @Gianni

    sudo apt-get install libxul-dev

    should take care of that.

    ReplyDelete
  5. Thanks µacuyiko, this was very useful. I compiled for Fedora 14 x86_64 and it works like a charm.

    I just wanted to add that I had to use an additional trick (I was getting the "ReferenceError: Cc is not defined" error) before the ./autogen bit thou:

    "So, the quick fix is changing a little thing in backend/src/linux_platfrom.cpp: line 48, "throw ex;" in something less harmful as "return string("ERROR");"."

    I found that at:
    https://github.com/codebutler/firesheep/issues#issue/8

    After that I used your guide and, like I said before, it now works like a charm on Fedora 14. I just had to the xulrunner directory to "/usr/lib64/xulrunner-sdk-1.9.2".

    PS: The deps for F14 are called a little diffrent (libtool autoconf libpcap-devel boost-devel boost-mpich2-devel boost-openmpi-devel hal-devel xulrunner-devel hal-libs).

    Thanks man!!

    ReplyDelete
  6. Just built FireSheep for Fedora 15 using:

    https://github.com/codebutler/firesheep.git

    using commit c3f26dd8d1efb788cde0af8b8e6242e290b21160

    Instead of:

    git submodule update --init

    I had to do:

    git submodule init
    git submodule sync
    git submodule update

    Before running make, I updated xpi/install.rdf to allow for Firefox 8.

    ReplyDelete
  7. I really appreciate the way you write

    ReplyDelete