Results 1 to 8 of 8

Thread: Trying to figure out a program to write. . . . Facebook sniffer?

  1. #1
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default Trying to figure out a program to write. . . . Facebook sniffer?

    OK I'm cutting it close to the wire to think of a program to write for fourth year of my Computer Science course.

    All I've decided so far is that it's gonna be a desktop GUI application written in C++ (just like my Dynamo program), and that it will run on at least Linux, MacOS and MS-Windows.

    I was thinking of a Facebook sniffer program. Basically it would listen out on a wireless network for packets going to the Facebook servers and it would extract information from these packets, such as the person's display name, their e-mail address login, their profile picture and their password.

    So you could go to a public hotspot, run my program and see a list of users who are currently logged on to Facebook from that access point, with their display name and profile picture shown. (And maybe even their password too, I'll have to have a think about that).

    The easiest thing to listen out for would be the packet that's sent from a PC to log a user into Facebook, as it would contain the e-mail login and password, and then I could retrieve the user's profile picture along with their display name.

    If I don't catch the packet that logs a user in, then maybe I could listen out for subsequent packets that contain cookies, but I'm guessing the cookies might contain info only intelligible to the Facebook servers.

    Anyway.... any ideas? Do you think this would be a decent program to put together? (Obviously it won't work if people log in under https).

    Any other ideas, I'm all ears.... I really need to submit a proposal this coming week :-O
    Last edited by Virchanza; 10-30-2011 at 11:23 PM.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  2. #2
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Default Re: Trying to figure out a program to write. . . . Facebook sniffer?

    Virchanza,

    How about a proggie that will parse the contents of packets for emails and then reconstruct them? It would be based off a two-way MITM. I've always had the idea because it's fun to look at emails this way, but I've never seen anything in the wild specifically designed to do so.
    V/r,
    Snafu
    Pffbt..[quote]I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass.. [/quote]

  3. #3
    Senior Member
    Join Date
    Jan 2010
    Posts
    126

    Default Re: Trying to figure out a program to write. . . . Facebook sniffer?

    hello virchanza,

    would this be sort of building a gui for ComaX's YAMAS script or similar coding for a gui based network/credentials sniffer? It sounds like a neat idea for a project. I do not mean to come off as rude at all by suggesting this ; but perhaps take a look at some of the GUI tool *interfaces* made by savioboyz. the only word to describe them is *elegant*.

    look foward to seeing what you create

  4. #4
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default Re: Trying to figure out a program to write. . . . Facebook sniffer?

    Spanner in the works!

    I had Wireshark running just there while I logged into Facebook using normal HTTP, but straight away I saw a TLSv1 packet originate from my computer going towards the Facebook server.

    Wasn't expecting that.

    Yeah this project might be a no-goer...... I'd have to do Man In The Middle and play around with dodgy certificates.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  5. #5
    Just burned his ISO theAud1t0r's Avatar
    Join Date
    Nov 2011
    Location
    Dark Side of the Moon
    Posts
    6

    Default Re: Trying to figure out a program to write. . . . Facebook sniffer?

    Quote Originally Posted by Virchanza View Post
    .... I'd have to do Man In The Middle and play around with dodgy certificates.
    If it were easy it would already be done ^.^
    More effort then your projects entails I assume..

    Good luck though.. hope you come up with something 1337..

  6. #6
    Junior Member M00kaw's Avatar
    Join Date
    Oct 2010
    Location
    127.0.0.1
    Posts
    47

    Default Re: Trying to figure out a program to write. . . . Facebook sniffer?

    How about something that spoof's ssl-keys ?

    Im thinking, if you ssh to a linux server, ssh will ask you to accept the key for that specific server.
    Lets say, that you're a man-in-the-middle and I join, the first thing i do is to ssh to my server. You see the request and quickly ssh to my server too, gettinig the key.
    Now, you're using that key towards me, that way my ssh-client wont notice a thing. I enter the password, and you save it.
    Then you "stop" the man-in-the-middle attack towards me, and i can go ssh to my server like nothing has happend...

    Dunno if that sounds plausible, but I think that's an app i haven't come across yet..
    Gui or nor really doesn't matter to me tbh - but, this will work on multiple operating systems i guess.. And it wall make a great foundation for a nice report on the subject..

    Just an idea i've had for some time...
    Remember to pulbish it under GNU licens when you're done

  7. #7
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: Trying to figure out a program to write. . . . Facebook sniffer?

    this - something that accepts the cert and either forwards it or uses another cert. This way the the page is still https rather than stripping it out to http.

    Quote Originally Posted by M00kaw View Post
    How about something that spoof's ssl-keys ?

    Im thinking, if you ssh to a linux server, ssh will ask you to accept the key for that specific server.
    Lets say, that you're a man-in-the-middle and I join, the first thing i do is to ssh to my server. You see the request and quickly ssh to my server too, gettinig the key.
    Now, you're using that key towards me, that way my ssh-client wont notice a thing. I enter the password, and you save it.
    Then you "stop" the man-in-the-middle attack towards me, and i can go ssh to my server like nothing has happend...

    Dunno if that sounds plausible, but I think that's an app i haven't come across yet..
    Gui or nor really doesn't matter to me tbh - but, this will work on multiple operating systems i guess.. And it wall make a great foundation for a nice report on the subject..

    Just an idea i've had for some time...
    Remember to pulbish it under GNU licens when you're done
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein

  8. #8
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default Re: Trying to figure out a program to write. . . . Facebook sniffer?

    Left field, something I've been working on lately. Purely for hypothetical purposes of course .

    Fake emails into a mailbox.

    So that you could say:

    On the 23rd of August 2003 I received an email from gitsnik@hiswebhost.com which said "x, y and z, regards, gitsnik" with an attachment of "bleh" and a sending mail program of X. Oh and here are the mail headers I also received, the route the email took etc.

    It's kind of fun, it's not as public as facebook, but it would be truly terrifying to a lot of people if they actually realised this is possible in so many circumstances. IMAP connections are my particular favourite at why this is scary. At least with my clients, there is an innate trust in the email system. They have trouble believing that people can make an email say from:gitsnik@webhost.com to:gitsnik@webhost.com without them sending it themselves. Imagine how they react when you show them that nothing in there is sacred.

    My $0.02.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

Similar Threads

  1. Facebook & Linkedin
    By hackmaf in forum Discusion General
    Replies: 1
    Last Post: 01-28-2011, 10:03 PM
  2. Replies: 3
    Last Post: 06-13-2009, 03:24 PM
  3. Facebook account
    By robjay666 in forum OLD Newbie Area
    Replies: 21
    Last Post: 10-14-2008, 03:01 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •