Before we get into the rest of the article, we want to thank Robert Graham, founder and CEO of Errata Security, for showing us the “sidejacking” attack at this year’s BlackHat computer security convention. His term “sidejacking” refers to the way his two programs, “Ferret” and “Hamster”, are used to sniff and replay cookies. The freely downloadable programs don’t directly attack passwords or computers to access webpages and emails; rather, they compromise the wireless network itself. You can read Graham’s sidejacking blog post here.

As with any hacking tutorial, some people will undoubtedly say we are facilitating illegal activity, but we think the benefit gained from this article will far outweigh any malicious use. The vast majority of people know that open wireless networks are dangerous, but no one has ever given them an “in your face” demonstration. It’s quite a sobering experience to see how easily your search terms and Google emails can be captured, and we hope this article will spur businesses and homeowners to secure their networks.

Also, these types of attacks on wireless networks have been going on for years because automated sniffer tools have long been available. Graham’s Ferret and Hamster tools basically do the same thing, but in a much more user-friendly way.

Of course, our wonderful lawyers would like us to say that attacking someone else's laptop without their permission would be illegal. Therefore, in this tutorial, you'll be sniffing traffic from a "victim" laptop that either you or a consenting friend or coworker owns.

Attack Overview

The victim laptop will connect to the wireless network and surf the web as usual. The attacker will first need to scan for available networks with Kismet and then set his capture card to the same Wi-Fi channel as the target network. For the purposes of the tutorial, we are assuming that the attacker doesn’t know any information about the wireless network.