I'm Attending Defcon this August, advice?
Lisa Kachold
lisakachold at obnosis.com
Fri Apr 19 09:16:25 MST 2013
Do you know who you are asking/arguing with here? I might ask you to come
to my hackfest and login to my AP, and I will show you <evil smile>...
Here's your research list:
arpspoof [arp rarp nature of tcp/ip and the linux kernel]
sslstrip [sslstrip decode packets including auth/password and url - run
tool to get a list of everything victim sends out or accesses]
https://sickbits.net/mitm-stealing-your-creds/
http://www.packtpub.com/article/backtrack5-advanced-wlan-attacks (Don't buy
their Backtrack5 guide - BTW - come to our Hackfests)
PLUG Hackfests at DeVry University 2nd Saturday 10:00 - 2:00 PM -
Lab/Presentation Hackfest with targets and trainers
On Fri, Apr 19, 2013 at 8:46 AM, Ted Gould <ted at gould.cx> wrote:
> **
> On Fri, 2013-04-19 at 06:18 -0700, Lisa Kachold wrote:
>
> If you take that Ubuntu install to DefCon and connect to the network
> there, every place you connect with/to authenticate to/with will be
> endangered. All of the sites you visit irregardless of protocol
> (encryption) will provide login/password and URL to others listening and
> MITM'ing.
>
>
> So you're assuming SSL is decrypted or the certificate authority is
> compromised? URL for sure, but I'm unsure how you could be saying
> login/password would be automatically available.
>
> Ted
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20130419/3ead09d9/attachment.html>
More information about the PLUG-discuss
mailing list