查看完整版本 : 截取同網絡的 data 之可行性

煙民母親生賤種 2017-12-28 02:33 PM

截取同網絡的 data 之可行性

e.g.
router : 192.168.11.1 (dhcp)

派 100 個 ip 給 users (192.168.11.2 ~ 192.168.11.101)

protocol : any (http , https, ftp, smb, etc....)

192.168.11.2 在網絡中輸入:
a) user name: chan tai man
b) password: abc123456

192.168.11.3 ~ 101 欲截取其 input, 是否可行? 或者有無案例已經是有人做到?

如何才能確保安全性做到以上情況[size=5][color=Magenta][u][b]不可行[/b][/u][/color][/size]?

請豬君指教一下小弟 :fst_016:(現實例子, 7-11, 勿當勞果 D free wifi ) :fst_016:

Susan﹏汪汪 2017-12-28 03:29 PM

求其Google 下

https://github.com/gpfduoduo/WiFiDetective

煙民母親生賤種 2017-12-29 03:10 AM

你個回覆同我個問題, 有乜關係? :fst_004:

wtf_name 2017-12-29 08:40 AM

以下內容只作討論網路安全性,從而提升網路安全意識,並不是教人去做犯法的事,如果有人因此從事不正當的事,個別人事或需負上刑事責任,與本人無關。

如果係wifi connection 就可以mon 晒d data
不過read 唔read 到係另一件事
https://www.google.com.hk/amp/s/www.androidauthority.com/capture-data-open-wi-fi-726356/amp/

如果係wired connection 似乎不可行。

另一個方法係自己扮wifi hotspot 即可capture 所有data, 但礙於有https 關係,即使做埋man in the middle 改 ssl cert 都無用,除非你有張公認的root cert 可sign 任何cert,否則user 會見到cert 無效。

再推一步係係個wifi hotspot 度做個假網站,張個網站變做http , 但唔太可行:只針對個別大網站,mobile apps 可能唔work,花太多時間去做假網站,用家如果用瀏覽器見無加密有機會知道。

結論:唔work

Susan﹏汪汪 2017-12-29 08:49 AM

[quote]原帖由 [i]煙民母親生賤種[/i] 於 2017-12-29 03:10 AM 發表 [url=http://www.discuss.com.hk/redirect.php?goto=findpost&pid=472989647&ptid=27147464][img]http://www.discuss.com.hk/images/common/back.gif[/img][/url]
你個回覆同我個問題, 有乜關係? :fst_004: [/quote]
咁呢個lor

https://en.m.wikipedia.org/wiki/Pcap

xianrenb 2017-12-29 09:09 AM

[quote]原帖由 [i]煙民母親生賤種[/i] 於 2017-12-28 02:33 PM 發表 [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=472964100&ptid=27147464][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]
e.g.
router : 192.168.11.1 (dhcp)

派 100 個 ip 給 users (192.168.11.2 ~ 192.168.11.101)

protocol : any (http , https, ftp, smb, etc....)

192.168.11.2 在網絡中輸入:
a) user name: chan tai  ... [/quote]

基本上我唔識呢 d security 問題。
但我估可以看看 [url=https://en.wikipedia.org/wiki/Wireless_security]https://en.wikipedia.org/wiki/Wireless_security[/url] 開始找資料。
而我估可能性比較大的相關點子是:
[url=https://en.wikipedia.org/wiki/Wi-Fi#Network_security]https://en.wikipedia.org/wiki/Wi-Fi#Network_security[/url]
[quote]...Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping but it is no longer considered secure. Tools such as AirSnort or Aircrack-ng can quickly recover WEP encryption keys.[77] Because of WEP's weakness the Wi-Fi Alliance approved Wi-Fi Protected Access (WPA) which uses TKIP. WPA was specifically designed to work with older equipment usually through a firmware upgrade. Though more secure than WEP, WPA has known vulnerabilities.

The more secure WPA2 using Advanced Encryption Standard was introduced in 2004 and is supported by most new Wi-Fi devices. WPA2 is fully compatible with WPA.[78] In 2017 a flaw in the WPA2 protocol was discovered, allowing a key replay attack, known as KRACK.[79][80]

A flaw in a feature added to Wi-Fi in 2007, called Wi-Fi Protected Setup (WPS), allows WPA and WPA2 security to be bypassed and effectively broken in many situations. The only remedy as of late 2011 is to turn off Wi-Fi Protected Setup,[81] which is not always possible....[/quote]

我的無比膏 2017-12-29 09:11 AM

經public WiFi hack 入人地部機,你想睇咩都得

Susan﹏汪汪 2017-12-29 09:16 AM

[quote]原帖由 [i]xianrenb[/i] 於 2017-12-29 09:09 AM 發表 [url=http://www.discuss.com.hk/redirect.php?goto=findpost&pid=472994888&ptid=27147464][img]http://www.discuss.com.hk/images/common/back.gif[/img][/url]


基本上我唔識呢 d security 問題。
但我估可以看看 https://en.wikipedia.org/wiki/Wireless_security 開始找資料。
而我估可能性比較大的相關點子是:
https://en.wikipedia.org/wiki/Wi-Fi#Network_securit ... [/quote]
https://www.ibm.com/developerworks/cn/linux/l-libpcap/index.html

參考一下

xianrenb 2017-12-29 01:00 PM

[quote]原帖由 [i]Susan﹏汪汪[/i] 於 2017-12-29 09:16 AM 發表 [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=472995166&ptid=27147464][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]

[url=https://www.ibm.com/developerworks/cn/linux/l-libpcap/index.html]https://www.ibm.com/developerworks/cn/linux/l-libpcap/index.html[/url]

參考一下 [/quote]

你說得對:
[url=https://en.wikipedia.org/wiki/Pcap]https://en.wikipedia.org/wiki/Pcap[/url]
[quote]...Monitoring software may use libpcap and/or WinPcap to capture packets travelling over a network and, in newer versions, to transmit packets on a network at the link layer, as well as to get a list of network interfaces for possible use with libpcap or WinPcap....[/quote]

另外,之前我搞錯了,忘了一般 public wifi 根本唔駛 password ,是無 protection 的。
那麼只要有方法取得 layer 2 (link layer) 的 data frame ,就可以看到無加密過的資料。

xianrenb 2017-12-29 01:04 PM

[quote]原帖由 [i]煙民母親生賤種[/i] 於 2017-12-28 02:33 PM 發表 [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=472964100&ptid=27147464][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]
e.g.
router : 192.168.11.1 (dhcp)

派 100 個 ip 給 users (192.168.11.2 ~ 192.168.11.101)

protocol : any (http , https, ftp, smb, etc....)

192.168.11.2 在網絡中輸入:
a) user name: chan tai  ... [/quote]

咁即是要解決原問題,最簡單方法是用 HTTPS 、 SSH 等。

t_y_mak 2017-12-29 01:55 PM

路人甲一名.  你問錯區. 有資源的話. 起過VPN SERVICE DEVICE. 用SSL-VPN 方式上網. END-USER 用咩TRAFFIC 都較安全.

煙民母親生賤種 2017-12-29 07:57 PM

[quote]原帖由 [i]我的無比膏[/i] 於 2017-12-29 09:11 AM 發表 [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=472994952&ptid=27147464][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]
經public WiFi hack 入人地部機,你想睇咩都得 [/quote]唔洗 hack! 我試過在 public wifi 唔小心開左 ftp, 發覺係可以睇哂機內的東西。:fst_008:如果 enable 左 file share / printer share, 又無 block 到個 port, 應該所有人都可以睇哂你部機的野。所以最好 set password. :fst_016:
頁: [1]
查看完整版本: 截取同網絡的 data 之可行性