Results 1 to 8 of 8

Thread: news report vid on web showing wireless hacking

  1. #1
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    18

    Default news report vid on web showing wireless hacking

    hello again !
    i remember a wile back ive seen a vid on the net showing a news report
    the reporter was in a van with a guy hacking someones home network and the program they used looked like it was showing the web pages the home owner was viewing they were able to see that his was booking a vacation, got the dates he was going to be away and everything.
    anyone see that vid ? i cant find it anymore
    is there anything included in backtrack3 that shows what webpages are being viewed on your network on the fly ?like how driftnet works showing pictures
    from on a wireless laptop
    Grammar takes to long.

  2. #2

    Default

    viewing as you describe, would be vnc. There is no other way to replay web traffic as in a browsing session, except with extremely sophisticated simulation software feeded by the traffic...

  3. #3
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Cool

    I recall that video.. He didn't tell you the steps but I'm positive the victim had an open wireless connection. The attacker connected and used wireshark. He then compiled the packets in wireshark to semi-show the http in a browser that the guy was browsing. Highly unlikely to be VNC. Though I'm curious how he bypassed the https to be able to get credit information and travel booking. I'm pretty sure you can't compile encrypted packets without a ... I don't ****ing know. it's second semester in IT.. so please call me out on something i said wrong.
    There will be no shelter here. The front-line is everywhere.

  4. #4
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    Quote Originally Posted by gromeo View Post
    viewing as you describe, would be vnc. There is no other way to replay web traffic as in a browsing session, except with extremely sophisticated simulation software feeded by the traffic...
    Oh, you mean like using the "Follow TCP Stream" feature in Wireshark? Sure it doesn't look very pretty, but you can rebuild the files yourself if you wanted to. Want something "prettier"? Use airodump-ng to capture a bit of data, run airdecap-ng on your new .cap file and then run your favorite sniffers on said file: driftnet, msgsnarf, urlsnarf, dsniff and ngrep. Save the output and view away. Not exactly perfect, but it works.

    PS, I almost forgot: you can use WifiZoo to snort cookies for authenticated sessions and set them into your browser. Makes replaying a bit easier



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  5. #5
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    Quote Originally Posted by nokuku4u View Post
    I recall that video.. He didn't tell you the steps but I'm positive the victim had an open wireless connection. The attacker connected and used wireshark. He then compiled the packets in wireshark to semi-show the http in a browser that the guy was browsing. Highly unlikely to be VNC. Though I'm curious how he bypassed the https to be able to get credit information and travel booking. I'm pretty sure you can't compile encrypted packets without a ... I don't ****ing know. it's second semester in IT.. so please call me out on something i said wrong.
    Ettercap and the like can "bypass" SSL-traffic by issuing fake certs.



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  6. #6
    Member
    Join Date
    Jan 2010
    Posts
    140

    Default

    Quote Originally Posted by Nlantz View Post
    hello again !
    i remember a wile back ive seen a vid on the net showing a news report
    the reporter was in a van with a guy hacking someones home network and the program they used looked like it was showing the web pages the home owner was viewing they were able to see that his was booking a vacation, got the dates he was going to be away and everything.
    anyone see that vid ? i cant find it anymore
    I believe this is the video you're referring too.
    http://www.youtube.com/watch?v=A88XB7_Jz7s
    is there anything included in backtrack3 that shows what webpages are being viewed on your network on the fly ?like how driftnet works showing pictures
    from on a wireless laptop
    Yeah, what ShadowKill said.

  7. #7
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    18

    Default

    Yea thats the vid
    found that vid about ettercap and arp poisoning then using webspy right after posting this
    in that video it kinda looks like the same thing after booking a trip online you get a page poped up that shows your itinerary with all that info on it - the credit card crap but im sure that was just a cutshot showing someone enter in a bunch of ****'s
    crazy stuff been trying some out on my wii internet and downstairs pc
    seems like 15 min after i post something because i cannot find the answer things work out for me
    in that case . where can i get some winning loto ticket numbers ?
    Grammar takes to long.

  8. #8

    Default

    Quote Originally Posted by larryhaja View Post
    I believe this is the video you're referring too.
    http://www.youtube.com/watch?v=A88XB7_Jz7s
    Just for the OP to know the show he watched was called "The Real Hustle" and the whole thing was staged. They would be sued if they claimed to be from OFCOM in which they were not. I think there are a few threads in this forums archive that discuss the video.

    You can also use tools like: httpcapture, webspy and urlsnarf. There are several ways to approach this. Building up the webpage via text gatherings as ShadowKill said is another approach.

    There is more than one way to skin a cat

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •