Re: #security I'm in your wifi, stealin' your data.

1 view
Skip to first unread message

Mark

unread,
Oct 25, 2010, 2:39:44 AM10/25/10
to hacker...@googlegroups.com
Hi all,

With regards to my #sniff talk to BCSG6 on how one can steal data straight off the air and with arp based attacks in public networks, someone seems to have taken it one step further this time with cookie based attacks.

Details here:
http://codebutler.com/firesheep

It's getting easier and easier to exploit and sniff data that is "private" (to you at least) so please be careful when using public wifi spots. They are *NOT* trusted.


Mark

Luther Goh Lu Feng

unread,
Oct 25, 2010, 3:34:36 PM10/25/10
to HackerspaceSG
Well this can also be additional material for your next #sniff
presentation http://www.renderlab.net/projects/WPA-tables/

Shaun Martin

unread,
Oct 25, 2010, 10:50:59 AM10/25/10
to HackerspaceSG
Has anyone tried this in Singapore on a wireless@sg connection? (I'm
wondering if the fact that you need to sign in using a password
reduces the risk.)
- Shaun

On Oct 25, 2:39 pm, Mark <m...@edgewire.sg> wrote:

Chow Loong Jin

unread,
Oct 25, 2010, 4:48:29 PM10/25/10
to hacker...@googlegroups.com
On Monday 25,October,2010 10:50 PM, Shaun Martin wrote:
> Has anyone tried this in Singapore on a wireless@sg connection? (I'm
> wondering if the fact that you need to sign in using a password
> reduces the risk.)

Theoretically speaking, yes, it should work. Even if you did not use Firesheep,
you could just fire up wireshark or airodump-ng and do the capturing and
extraction manually.

In fact, I believe that even the wireless@sg login page you get redirected to is
vulnerable to sslstrip, which we demonstrated using paypal as an example during
the #sniff talk at BarcampSG6.

--
Kind regards,
Chow Loong Jin

signature.asc

Mark

unread,
Oct 25, 2010, 10:24:29 PM10/25/10
to hacker...@googlegroups.com

All firesheep does is to basically turn the above into a pretty fancy GUI which you can point click and press GO and you'll get the same results really. Come to think of it, might actually do a paper on how terribly insecure wireless@sg is, even with their "ssl" web vpn which really seems to be rubbish at first glance. Going to need new hashtag for this.

Kind regards,

Mark

Meng Weng Wong

unread,
Oct 25, 2010, 10:29:41 PM10/25/10
to hacker...@googlegroups.com
years ago i used to run http://www.etherpeg.org/ at conferences, for the lulz. putting it onscreen before your presentation starts is a sure way to get the crowd's attention.
 

Meng Weng Wong

unread,
Oct 25, 2010, 10:32:34 PM10/25/10
to hacker...@googlegroups.com
On Mon, Oct 25, 2010 at 2:39 PM, Mark <ma...@edgewire.sg> wrote:
Details here:
http://codebutler.com/firesheep


Gmail has a config option to always upgrade my connections to https.

Does Facebook offer similar?

 

Mark

unread,
Oct 25, 2010, 10:34:34 PM10/25/10
to hacker...@googlegroups.com

I don't believe so. As long as it's not point to point https, anything with a 302 redirect can be hammered with this and sslstrip/sniff. Makes me wonder why no one bothers with DNSSEC, VPNs etc.


Kind regards,

Mark

Alvin Jiang

unread,
Oct 25, 2010, 10:56:07 PM10/25/10
to hacker...@googlegroups.com
http://www.infocomm123.sg/wireless_at_sg/ssa

Wireless@SGx - 802.1x authentication and encryption for Wireless@SG

Max Cantor

unread,
Oct 26, 2010, 1:29:30 AM10/26/10
to hacker...@googlegroups.com
https://www.eff.org/https-everywhere <- eff tool to force HTTPS on commonly used websites (facebook, gmail, twitter etc) that will allow it.

Max

> --
> Chat: http://hackerspace.sg/chat

Kheng Yew

unread,
Nov 5, 2010, 9:11:50 AM11/5/10
to HackerspaceSG
Take a look at http://www.backtrack-linux.org/

Pretty much an all-in-one.


On Oct 26, 10:29 am, Meng Weng Wong <mengw...@gmail.com> wrote:
> years ago i used to runhttp://www.etherpeg.org/at conferences, for the
Reply all
Reply to author
Forward
0 new messages