Wednesday, August 30th, 2006
Go get Wifi ... and shorn
As we saw in a previous post, the Palm is ideal for the wardriving or warwalking (find open wifi wireless networking, to connect "borrowed"). However, while most open networks (ie, not requiring user name and password) are because they have been left so intentionally, or because he has installed the most basic known about the wifi network security, there are also times that the cause lies elsewhere, and the person behind this network knows what he does. And really might know what he does.
Is the case with this clever (not to call it that) which has decided to laugh a little of his neighbors, who are using your wireless network to surf the Internet. The process is simple but effective:
- First divide your network "two", by configuring the DHCP server for that of their teams (whose MAC address known) an IP of the "good part", and all others of the "bad part".
/ etc / dhcpd.conf
ddns-updates off;
ddns-update-style interim;
authoritative;shared-network local (
subnet *.*.*.* netmask 255.255.255.0 (
range *.*.*.* *.*.*.*;
option routers *.*.*.*;
option subnet-mask 255.255.255.0;
option domain-name "XXXXX";
option domain-name-servers *.*.*.*;
deny unknown-clients;trusted1 host (
hardware ethernet *:*:*:*:*:*;
fixed-address *.*.*.*;
)
)
subnet 192.168.0.0 netmask 255.255.255.0 (
range 192.168.0.2 192.168.0.10;
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option domain-name-servers 192.168.0.1;
allow unknown-clients;
)
)
- Once done, there are many ways to have fun. The first is through Iptables (a packet filtering module, included in the Linux kernel), make all traffic coming / going to a team of "bad network" is always redirected to another machine that we decide. The result is that when our neighbors surf the Internet, go to the page you will always end up in the one in the direction we have chosen. I leave readers to think about what would be the most fun page to do that. We might even make ourselves, for example by a warning from the CIA, informing them that they will be investigated by the road "dangerous."
/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 64.111.96.38
- But this man has come up with another way to "have fun", even more original. You install Squid on your computer, a web proxy that is used in many networks as an intermediary between users and the Internet, combined it with mogrify, a script of image processing package ImageMagik, which allows, from the command line, perform operations on images, such as resize, rotate, etc.. In fact, he has used to turn it vertically all the images that are downloaded from the Internet. Then with the above trick, has redirected the navigation of its neighbors to the proxy. The process is transparent for users surfing, and the result is very curious:
The setback Website (click to enlarge)
Script to "tweak" the images
#!/usr/bin/perl
$|=1;
$count = 0;
$pid = $$;
while (<>) {
chomp $_;
if ($_ =~ /(.*\.jpg)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.jpg", "$url");
system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.jpg");
print "http://127.0.0.1/images/$pid-$count.jpg\n";
}
elsif ($_ =~ /(.*\.gif)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.gif", "$url");
system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.gif");
print "http://127.0.0.1/images/$pid-$count.gif\n";
}
else {
print "$_\n";;
}
$count++;
}
- Mogrify changing parameters, you can also make all the images downloaded from Internet neighbors from being blurred, to get what he calls the Internet blurry.
Web blurred (click to enlarge)
In short, when you stand to use neighbor's wireless network, keep in mind that not only you, the you see, but he also sees you to you and may acabéis be the target of his jokes. So do not despair focus the image on the monitor, because they may see the blur any other cause ...
By: Mark Gonzalez Troyes in General
| Comments RSS | Trackback | 
Print this post
| Share: |           |
Often people shed is mounted so that the connection will not robbed
In my $ HOME have WiFi (WPA) with MAC ACL and nobody has ever tried to connect ...
The trouble is that my Tungsten C can not use WPA, and the PalmOne WiFi card (I still have when used with the T | 5) nor
They say that Palm is thinking seriously-this time-what drivers for the Treo ... is it true?
Greetings, Marco!
Yes, I found the topic relevant because I know that many Palm users have to end, leaving the network without WPA.
We use the neighbor's wifi is not always so bad. A friend of mine was able to enter the messenger and browsing in the town where he was on vacation, through the linking of someone, and the bandwidth used was negligible.
And what hath given mania with calling "Marco"!
jeje it worth putting a wifi just this fun
I can not connect my palm help elviog_921700@hotmail.com
I discovered ... that you have fun with neighbors you yourself Marcos ... jejejejeje
Jokes aside there are those philanthropists who share their WiFi connection ... there is a project called FON that allows to flash the firmware of the router and allow free donate part of the bandwidth of your connection ... the idea is to create an infinite network of Hot Spots ... unfortunately I think only has been booming in Spain and at least here in Chile there are FON ...
But then again ... I have to donate for free something that costs me money to me and not others? I have MAC filtering and WEP on my WLAN and is undetectable on the other side ... only I was good there ... that true?
FON is well under way, but I do not think the solution is what I'm going to give coverage, living in a 5th floor? Signal fails or the street. Then there is another detail: if someone does something illegal using your connection, then I think the responsibility is yours.
Here in Spain and Telefonica is offering to use their hotspots across the country for a monthly fee. I suppose that once coverage is decent, and included in the price of ADSL.
doubt!! I ine palm t / x. I was able to connect to a wi fi network. wing but when putting a page, tells me an error: the requested web page is misspelled. aa write back .. And since I'm sure this well escritta. happens, I have to do. I already use this system.
Curious to meet this post just hours ago when I could think of something, but no fun. The premise is that the person drove wifi owner could put a "honeypot" that serve to capture passwords and personal data who is navigating. Personally I think a serious matter ...
Yes, entering unknown networking expose ourselves to that, the same holds a honeypot as a protective measure, as you say, as a way of profiting from users "candid".
You do not need much sophistication. With a simple protocol analyzer can expect some kind of traffic that may contain passwords, if not encrypted.
How is that through an open wifi network you are exposed to both.
Is there any way to avoid falling prey to any malicious access to a network in such conditions.
Estimates that if we take when you go customers by visiting labor issues and suddenly you run into these networks 'free'
Very good job with the page and move on
Greetings from Peru
CG
Great article.
Warning about the dangers of open networks has raised debate, explains everything very easy and put up the scripts in Linux that anyone can do at home.
My congratulations to the author.
As soon as I copy the scripts to study, because it is a lesson in network engineering. And then passed it to a few friends to do the same.
Greetings.