DEV Community

eliastooloee
eliastooloee

Posted on

All Your Packets Are Belong To Us

While we’re often told that privacy no longer exists and that everything we do online is recorded for eternity, few of us really take it to heart or realize just how vulnerable we are to individual hackers, snoopers, and fraudsters. To demonstrate this vulnerability, I will show just how much personal information an individual with access to a laptop can collect over a shared Wifi network. Remember, I have no idea what I’m doing, I’m just a guy who googled and found some free tools. An expert could almost certainly do much more.

First, let’s look at what we can do using only applications included on a newish MacBook Pro. If we go to Finder > Locations > Network we can see all the other computers connected to the network we’re currently using. Depending on the owner’s share settings we may be able to view their screen or access their files. You can protect yourself against this vulnerability (on a Mac) by going to System Preferences > Sharing and making sure everything is turned off. Unfortunately, many users ignore these settings or are unaware of them. Remember, this is in a building full of software developers, who should theoretically be much more aware of this sort of thing than the average computer owner, yet we still see more than a dozen computers allowing either screen or file sharing. We won’t access any of these computers since it would be a massive violation of workplace privacy (and also potentially illegal), but if we wanted to it would be as easy as clicking on them.

Moving on from the basics, if we open Network Diagnostics and go the Window tab in the menu bar we can select Sniffer, which will allow us to collect WiFi traffic over the network we are connected to. This traffic will be stored in a folder called var/temp. This folder is generally hidden from view, but can be accessed by opening your terminal and entering the command open $TMPDIR. Our computer doesn’t contain a good application for viewing these files, so we’ll need to download one. Wireshark is free and is considered the standard choice, so we’ll go with that. After downloading Wireshark we can open the .pcap file generated by our sniffer and examine the data within. As an easier option, Wireshark includes sniffer functionality, so we can just use that. To do so we select the network interface we want to sniff, then click start live capture. We will then see a stream of packets. As an example we will now go to a website in our browser and login (choose an unsecured website). After successfully logging in, we can go back to Wireshark and click stop live capture. We can then use the filter on Wireshark to look at only http requests collected while we were sniffing. We’ll look under the ‘info’ column for any POST requests. We can then click on the POST request (there should only be one since we had such a short capture) and look at its data. We can then scroll down until we see a section called HTML Form URL Encoded. Looking inside this section we can see both the email and password used to login. We may have performed this example exclusively on our own computer, but it will work for any computer on a shared network, as long as the site is not secured (HTTPS). There is a way to do the same thing for secured sites, but it is very illegal and could be quite useful to those with bad intentions, so we won’t cover it here.
That’s it for today, but check back later this week for more posts on this topic in greater detail. This post will also be updated with images this afternoon. Hopefully you’ve now seen how risky shared networks can be. Maybe just use your data instead of connecting at Starbucks.

Top comments (0)