Monday, December 15, 2008

The ultimate hacker's ensemble

1. A WiFi NIC that supports monitor/RFMON mode, likely a Cisco
2. A high-gain directional parabolic WiFi antenna, like the RadioLabs 24dB Parabolic Grid WiFi Antenna ($70)
3. Kismet to record packets, detect networks, etc. (free)
4. Aircrack-ng to crack WEP encryption (free)
5. A web browser. Now the trick is to feed those HTTP streams to the web browser. Since a web browser normally won't accept a web page from a server unless it has sent a request, we'd have to hack the web browser, i.e., download the source to Firefox (open source), or perhaps code our own web browser from WebKit. There might be an easier way, though. Given a web browser that supports the experimental Reverse HTTP, we could first send the command to put it into Reverse HTTP mode, and then every subsequent web page would be server-push. This still likely wouldn't work for AJAX, dynamic Flash, or other applications with two-way stateful communication. But for regular old HTML it'll still be cool.
6. Wireshark to decode AIM, Live Messenger, etc. messages
7. A laptop (for war driving/stalking), or a normal desktop PC if we just want to eavesdrop on networks from around our house
8. A car with heavily tinted windows (again, only if we want to stalk particular people/organizations or go war driving)

Now we stitch it all together programmatically so that we can just point the antenna, select a random NIC on a random BSSID, and view their web sessions as if they were our own, and possibly have pop-ups for IM messages too. And we'd do this all completely passively - i.e., it would be physically impossible for them to detect that we're doing it or to know where we are. Sweeet
