On Thursday, August 30, 2018 at 6:07:31 PM UTC+2, Scott Kingery wrote:
... The contents of the wiki I'm using to test this would put any attacker to sleep if they did see the traffic over the wire :)
Not really,
- You may use the same or similar username for different other accounts.
- I'm sure you use different passwords for different accounts. right?
- The password length would be of interest.
- Many humans are "driven by habit". So I could guess that your TW password isn't much longer than those you use for your other internet accounts
- It would be interesting if your TW PW contains "special chars" ... If it doesn't your other PWs may be weak too.
- Your username may contain an email address
- e-mail addresses are always interesting.
- ...
If only 1 of the above assumptions is true, sniffing your TW traffic will be of interest. ...
So I personally would _never_ fill out any forms, using unencrypted traffic in a public usable / viewable WiFi network!
Just my 2cents.
have fun!
mario