November 23, 201312 yr Hey guysOut of curiosity and boredom, I installed a linux security OS on my desktop and setup a fake hotspot with man in the middle with a bunch of password sniffer and sessions hijacker.The result, using my laptop... Well I was able to get 95% of my password on HTTP "Avsim, Amazon, Boursorama, etc... And 80% on secured HTTPS "facebook, Gmail, hotmail, paypal, etc...When I used my Iphone/Ipad the HTTPS result was lower because I was using IOS apps, but the result using safari for HTTP was the same than on the laptop.I was also able to see every website I was going to and save most of picture I was looking at. Scary isn't it ?Well, there are few things that I have not tried, but I am pretty sure it's working perfectly :- Create a trojan horse that is undetectable by all anti-virus software in the market and will replace any EXE file you try download from internet.- Sessions Hijacking, If you connect and don't log out from any website "the level of security is irrelevant" the hacker will be able to access it and use it.All you need is this :http://docs.kali.org/wp-content/uploads/2013/02/SS808.png that : http://www.avenir-informatique.eu/boutique/11-253-thickbox/alfa-network-awus036h-carte-usb-wifi-b-g-1000mw-antenne-2dbi.jpg and for the power : http://www5.pcmag.com/media/images/258148-sanyo-eneloop-mobile-booster.jpg My conclusion, make sure that your wifi security is rock solid and when you don't use your home wifi, subscribe to a VPN server that will encrypt your data !
November 23, 201312 yr VPN isn't safe either ... not much is "safe", just ask Adobe. It'll be interesting to see what happens to "global networking", especially with the current explosion of mobile devices.
November 23, 201312 yr Author Well, at least your data will be invisible to 99% of the hacker in coffee shops, airport and hotel. I am not speaking about government agencies or professional hackers that target you, but mostly about people that will toy with your account or take it hostage until you pay x dollars to a foreign country western union or make it a zombie for the next DDOS attack
November 23, 201312 yr Irony is that many hackers use older government hardware (routers) to stay untraceable. Parts of the US government networks are probably the least secure installations around.
November 24, 201312 yr Author Interesting, today all you need to jam a router, steal HTTP credentials and hijack secured session is an android phone with an app installed.
Create an account or sign in to comment