Kismet Wireless

Kismet Forums

 

Posted by:dragorn
Subject:Kismet & Password Capturing
Date:22:26:05 24/11/2009

> I am trying to have Kismet listen to my home wireless network and see what it can pick up.
>
> Basically, I wanted to see if one of my neighbors was running Kismet, could they receive anything.
>
> Just as a test, I turned off WPA2 and had it open, with MAC filter.
>
> I purposely logged in to my local web server that had no HTTPs, yet Kismet dump file after running it through Wireshark only shows me making a connection yet no details about what was the HTTP traffic especially user and password.
>
> I'm kinda confused because a few web sites mention that it can pick up passwords, but in every test I did, it never caught my password.

If you're channel hopping then kismet probably won't see all your data.

Capturing anything unencrypted is absolutely possible. You shouldn't be using HTTP sites however if they have passwords, since anyone anywhere else between you and the site can capture your password, too. Use HTTPS.

-m


Reply to this message