Blacksheep Tutorial | Detect Firesheep and Secure your public WiFi access.

In one of my last post I wrote about "Firesheep Tutorial" which can be used to get control of user's session.Here in this tutorial I will discuss about a firefox addon called "Blacksheep" that can detect firesheep in the network.So lets start...

What is a Blacksheep?

It is a firefox addon that detects firesheep in an open or public wifi network.The credit goes to Zscaler  for bringing it out.It is made by using the source code of firesheep and taking into consideration the working of the same.


How it works?

As I explained in my post on firesheep that it traps the cookies of the user's session and uses the same to login to the listed websites.Here what the blacksheep does is that it has got the list of the same website in it so when it is the network it generates fake cookies of those sites listed in firesheep in every 5 minutes(you can change it)and if in case someone is using firesheep and traps the same fake cookie(of blacksheep) then blacksheep gives an alert with the IpAddress of the attacker system.It actually exploits the weakness of firesheep of not able to differentiate between fake cookies(of blacksheep) and the original(generated during user session).
 Note:Blacksheep wont protect session hijacking through firesheep rather will give an alert of its(firesheep) use in the network.
How to use it?

Warning: If "firesheep" is installed the same browser then disable it before using blacksheep.Because since firesheep also traps the cookie of the mother browser so the blacksheep may pop an alert with your own IpAddress.


Requirements:

1.Winpcap (Download)

2.Blacksheep Addon (Install)

3.Windows XP or later version (OS for this tutorial)

4.Firefox 3.5 or newer(32-bit)

5.Public or open WiFi (Suspecting Firesheep)


Configuration:

Step 1.Having set with all the requirements open up firefox.

Step 2.Disable firesheep if you have installed it as shown below.

Step 3.Follow the path Tools-->Add-ons in the top menu.

Step 4.Search for blacksheep in the add-ons list and click on options and change to your desired interval as shown below.
Working:

Here is the video from Zscaler on the working of blacksheep hope you will like it.




Credit : http://research.zscaler.com/

"If you find this post useful and informative do post your comment and share it."
Suggest Article

Subscribe to Posts....

Enter your Email-ID and get "Security Tips and Hacking Tutorials"alert in your inbox,we promise to keep your email private and safe.

comment 3 comments:

Srivathsan G.K on November 20, 2010 at 3:53 PM said...

well written .. Maybe I should try this on a weekend. Bookmarked.

Satyajit (Admins,a.k.a Satosys) said...

Srivathsan Thanks that you liked it... :)

Keep visting... :)

Rakesh Kumar on December 30, 2010 at 12:32 PM said...

Firefox is essential part of my daily life and l love to hear about its updates. Thanks

Post a Comment

This blog is "DoFollow",Use a "Real Name" rather than using "Keywords" otherwise comment will be rejected.

Delete this element to display blogger navbar

 
© 2013 SecurityHunk All Rights Reserved and Template by Fresh Blogger Templates