Herding FireSheep with FireShepherd

FireShepherd offers a temporary solution to the current threat of people sniffing Web 2.0 cookies with the FireSheep plugin.

The description of FireShepherd provided by the author is:
“FireShepherd, a small console program that floods the nearby wireless network with packets designed to turn off FireSheep, effectively shutting down nearby FireSheep programs every 0.5 sec or so, making you and the people around you secure from most people using FireSheep.”
The sourcecode for this little utility is very simple and can be downloaded here:
It works by preparing a HTTP GET packet:

GET /packetSniffingKillsKittens HTTP/1.1
User-Agent: Mozilla
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: is,en;q=0.7,en-us;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: lsd=spsse; c_user=666660000; sct=01010101; sid=0; xs=3randomhashyes666666666; asdf=??????????????!!!!!!!!!!!!!!!!!!!![MALFORMED_DATA]

This packet is sent onto the network to be sniffed by FireSheep. By providing a malformed cookie to be captured, the current version of FireSheep causes an error and ceases sniffing.
This by no means provides a perminent fix to the current issue of session-hijacking, but provides a DOS attack until a workaround (or another version of FireSheep) is released.
Advertisements