kstrauserop 4 days ago
The Def Con security conference has open wifi, and people make a game of trying to capture packets of others trying to log into non-SSL websites. If successful, they post the credentials on the “Wall of Sheep”.
One year I got the idea to try to exploit the Wall. I didn't succeed but had great fun trying!
cnewey 2 days ago
Really enjoyed this story, thanks for sharing!
kstrauserop 2 days ago
You bet! It was a lot of fun to do and to write up afterward.
mystraline 2 days ago
There was a person who captured a Logitech Starburst V2 packet capture from one of their management machines.
Using a tool called JackIt, they demonstrated either sniffing all text from a keyboard, OR injection of an emulated keyboard through the dongle.
IIRC, the mouse was a clone Logitech that was even plugged in to charge.
hackernudes 2 days ago
Ok this took me a minute to parse.
Someone at DEFCON captured the wireless data from a mouse/keyboard dongle. The dongle was connected to a computer that belonged to the organizers, possibly managing the Wall of Sheep. They were able to capture and/or simulate input from/to the dongle.
Nice.
mystraline 2 days ago
Yep, that's correct. Probably shouldn't post here tired!
I saw it on the defcon subreddit. Post was deleted, but IA made a snapshot.
https://web.archive.org/web/20220428221916/https://www.reddi...
gryfft 2 days ago
> They grinned: “it’s just some old software we run.”
Ha! There are layers of lessons to be learned here.
kstrauserop 2 days ago
Right? Huh, we need a tech stack that happily survives one of the most hostile networks in the world. Shall we update to a React SPA? Perhaps not.
bsder 2 days ago
Quote of TFA:
> I asked the Shepherd how a login goes from being captured to being shown on the Wall of Sheep. Their reply doomed our fun: “I’d type it in.” Oh no. That’s not good. “Isn’t it automatic?”, I asked. The Shepherd paused to rub the bridge of their nose. “Well,” they sighed, “it was until people started sending a bunch of vile usernames and passwords and kind of ruined it, so now we have to moderate the process.”
kstrauserop 2 days ago
Some people take pride in ruining it for everyone.
netsharc 2 days ago
I guess it shows even mere mortals attend Def Con. Thinking that website authentication is still being done with Basic Auth? Come on...