Wireless Security
win xp wirless drivers and promisc mode Jan 16 2011 10:55PM
Chris Hammond-Thrasher (thrashor gmail com) (1 replies)
Re: win xp wirless drivers and promisc mode Jan 17 2011 03:03AM
Joshua Wright (jwright hasborg com) (1 replies)
Re: win xp wirless drivers and promisc mode Jan 17 2011 07:26PM
Chris Hammond-Thrasher (thrashor gmail com)

(Loved your SANS course, btw. Did it onDemand last year.)

Interesting to have the limited Windows driver support confirmed. Thanks.

The hypothesis that I was attempting to confirm in the lab is whether
Firesheep really is so easy that my 97 year old aunt could sidejack
facebook (or whatever) sessions. It sounds like this may be true for
97 year old Mac users, but not for the majority of users on Microsoft
platforms. Firstly, my Windows XP using aunt would have to download
and install winpcap, then she'd need a driver/chipset combination that
is capable of going promiscuous in managed mode, then download and
install Firesheep from github, and then she can head down to Starbucks
and teach those potty-mouthed kids with their laptops a thing or two.

In summary if you want to see sidejacking on open wifi in action,
unless you are a Mac user, you are STILL better off to boot your
windoze box with a Linux live cd/usb drive and use ferret/hamster or
wifizoo, as ANELKAOS suggested.

Hypothesis disproved.


Chris Hammond-Thrasher
thrashor (at) gmail (dot) com [email concealed]
gpg key fingerprint 3A27 0754 C0DD 6D3D 5E79 E4CF AF2A BE86 B0A6 367C

On Sun, Jan 16, 2011 at 8:03 PM, Joshua Wright <jwright (at) hasborg (dot) com [email concealed]> wrote:
> On 1/16/2011 5:55 PM, Chris Hammond-Thrasher wrote:
>> been trying out firesheep under win xp with a couple of platforms in the lab
>> (an rt8187 and an ar5007eg). so far, neither are willing to go into
>> promiscuous mode. is this common with windoze drivers?
>> firesheep is much less easy for the average jane and joe if you have to arp
>> poison to make it work, and easy was the point, right?
> Very true, few Windows drivers support promiscuous mode.
> The Firesheep developers used OS X as their primary development target,
> where it works like a champ with little end-user difficulty.  Windows
> users aren't so fortunate, though if someone wanted to spend some time
> it would be possible to use the NDIS 6.0 monitor mode support with
> Firesheep with all Windows native-wifi drivers.
> -Josh

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus