sniffing

31 Articles

New WPA TKIP Attack

November 9, 2008 by 7 Comments

wifibox

[Martin Beck] and [Erik Tews] have just released a paper covering an improved attack against WEP and a brand new attack against WPA(PDF). For the WEP half, they offer a nice overview of attacks up to this point and the optimizations they made to reduce the number of packets needed to approximately 25K. The only serious threat to WPA so far has been the coWPAtty dictionary attack. This new attack lets you decrypt the last 12 bytes of a WPA packet’s plaintext and then generate arbitrary packets to send to the client. While it doesn’t recover the WPA key, the attacker is still able to send packets directly to the machine they’re attacking and could potentially read back the response via an outbound connection to the internet.

[photo: niallkennedy]

[via SANS]

Eavesdrop On Keyboards Wirelessly

October 20, 2008 by 71 Comments

[vimeo http://vimeo.com/2007855%5D

Every time you press a key on your keyboard, a small burst of electromagnetic radiation is let out. This radiation can be captured and decoded. Though it only affects some models, this is pretty serious. They tested 11 different keyboards and they were all vulnerable to at least one of the four methods of attack. Tests have shown that the data can be read through walls and up to 65 feet away. That is pretty scary stuff. Someone could be setting up in the apartment or office right next to yours to listen to every keystroke you type.  Check out the second video after the break.

Continue reading “Eavesdrop On Keyboards Wirelessly”

WarBallooning At Defcon

July 30, 2008 by 3 Comments

[rocketman] has posted about a new event at Defcon dubbed WarBallooning. They are using a Kismet drone (a modified WRT54G), a webcam, and a few high gain antennas. The balloon will be launched at about 15 stories and will be remotely fed targets chosen directly by the Defcon participants. The the directional antenna will be mounted to the camera so pan and tilt can be controlled. The Kismet CSV files will be available for everyone after the event.

If you are interested in WarDriving or building you own high-gain antennas, we suggest you check out this WiFi biquad dish antenna mounted on a car. If cars are too boring, or you do not have one, you could always go WarSailing or WarFlying. Yes, the permutations are endless.

[photo: JoergHL]