Kismet Wireless

Kismet Forums

 

Posted by:reddiepenguin
Subject:Kismet & Password Capturing
Date:09:11:15 26/11/2009

> > > > I must be missing something important, because I disabled channelhop by setting it to false and I also put Ch 6 in for "source" so that it goes only on 6.
> > > >
> > > > It seems to capture passwords well and can somewhat pick up the "Directory Listing" that Apache gives, but it never seems to capture the moment passwords are given, and I'm 100% not using any type of encryption.
> > >
> > > Maybe your drivers suck and don't report all packages.
> > >
> > > Kismet doesn't do any sort of filtering, so unless the packets are not being reported by the drivers, or are mangled beyond being identifiable as 802.11, they'll show up.
> > >
> > > -m
> >
> > I will have to look in to it, I'm using Ubuntu 9.10 with b43, which seems to work in Kismet fairly well.
> >
> > I will have to keep on playing around with it to see what's going on, but like you said, it should be seeing the said packets.
>
> I decided to try it again to see debug it and see what I could be doing wrong and this time it did definitely pick up my test username and password.
>
> I don't know if it accidentally missed it before or what, but it definitely got it this time.
>
> I'm going to check my previous dump files to make sure I didn't just not see the correct area in Wireshark.

I guess I was not looking in the right place after all. I guess technology is only good past human error. LoL.

Anyway, I'm still shocked places like MySpace don't use HTTPs, because someone could do some damage to you getting in to your account, possibly sending inappropriate emails or something. (Kismet nicely showed the complete MySpace login, and I was like, can we make it any easier for hackers?) Seems Facebook is using encryption though, so guess they figured it out.

I'm thinking always using a VPN or SSH forwarding, especially being on an open access point in many places.

Glad Kismet was invented, to really show people how horrible passwords are with HTTP.


Reply to this message