Hey I’m the new Gateway on the netblock

Get the Word Out there

You’re still hanging in there, and we at Aimless Wanderings truly love that about you. We spent the last two sessions being stealthy about things, but for the purposes of this section we don’t care how much noise we make. No one ever checks the log files on their router... right?

Let’s set the scene:

You live in a four-family apartment building, just one of a dozen lined up alongside a major city street. Not the richest of neighbors, but not the poorest either. The demographics of the surrounding area would fall in the “upper end” of lower-middle class. Each tenant makes enough income to afford a decent car, pay rent, and have enough left over to splurge on tech toys (computer, iPhone, etc.), but not enough to afford moving “anytime soon”.

As with most cities, the favored pastime of much of the younger population is piling into any one of the bars within stumbling distance. This all comes into play just after last call, usually an hour or so after, once the post-drinking raid of the fridge that follows the safe trip home from the local pub is finished.

The time is around 3am, with most respectable members of society long asleep in their beds. You are home, bored, slightly buzzed, and like anyone else you log in to Facebook and begin drunk messaging. As with any inebriated person, the A.D.D. kicks in and you check out Netflix, HBO-2-go, and finally check the damage your night out did to your bank account, then off to bed.

So... a list of possible devices:

  • Smartphone
  • Laptop and/or desktop
  • Smart TVs (for some)
  • Tablet/iPad
  • iPod (since cell battery life is famous for draining due to poor 4G coverage, we have not yet abandoned these awesome devices)
  • And let’s not forget the queen of the party: the router.

As stated, we are past caring about the amount of noise we create on the network of choice. Here is where we begin to learn the “hows” and “whys”, as well as the commonly known tools of the trade. The attack method in question is known as “Man-in-the-Middle”, referred to here, as in most other places, as “MITM”.

I began my learning with the discovery of ettercap. It’s a nice tool, and there is a lot to it that I have yet to use. The first method beneath the MITM umbrella that we will go over here is “ARP spoofing”.

Manipulating the ARP tables can be rather fruitful, provided you know a few things in advance. Seeing as ettercap performs an initial ARP storm (a quick scan of all possible IPv4 addresses within your given subnet), it helps to know the IPv4 address (192.168.1.x) of your default gateway, as well as the address of the target device within the network.

Granted, ettercap can be configured to poison all devices within the subnet and have a run at every packet of data from all users depending on that AP, but the result is more of a coin-flip scenario: either it works and the users simply deal with the sudden lag of service, or the network crashes and stays that way until reboot.

Provided we have the gateway address, usually something to the line of or the like, and the address of the target device, we redirect the route of inbound, and/or outbound traffic from the target through your computer and then back out to the router and on to its final web server.

While ettercap cannot forge an SSL cert, most people, like the one described above, simply click the OK button on the SSL warning that triggers from a Facebook login attempt on a compromised network. The ignored warning is probably the only warning you are going to get that your neighbors may be snooping where they don’t belong.

This redirecting of traffic is clear to anyone looking. Using lanmap, a program mentioned elsewhere in this blog, shows a pretty neat picture of what you’re actually doing. Packets are the goal, passwords are the bonus. Once the warning of improper SSL is ignored, websites drop to the next best thing: CLEAR TEXT.

Parsing through the pcap file created with ettercap, you will discover that in the mix you have more than likely come across a session ID or two. Session hijacking, also known as cookie jacking, is the capturing of established, “trusted” information used to verify authorization to a specific server from a “secured” account. The attacker can modify a cookie, import it into the desired browser, and use it to access the listed account without a password.
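From the site operator’s side, a session ID only lands in a capture like that when the browser is allowed to send it over plain HTTP. The following added example (not from the original post) audits response headers for the settings that prevent it; the header values and the list of session cookie names are assumptions made for illustration.

```python
# Constructed response headers from two hypothetical sites.
WEAK = [
    ("Set-Cookie", "sessionid=3f9a1c; Path=/"),
    ("Set-Cookie", "theme=dark; Path=/"),
]
HARDENED = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "sessionid=3f9a1c; Path=/; Secure; HttpOnly; SameSite=Lax"),
]

def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, set of lowercase attribute names)."""
    first, *attrs = [part.strip() for part in value.split(";")]
    name = first.split("=", 1)[0]
    return name, {a.split("=", 1)[0].lower() for a in attrs if a}

# session_names is an assumed list of cookie names that carry a session ID.
def audit_headers(headers, session_names=("sessionid", "sid", "phpsessid")):
    """List weaknesses that leave a session cookie readable to an on-path sniffer."""
    issues = []
    names = {key.lower() for key, _ in headers}
    if "strict-transport-security" not in names:
        issues.append("no HSTS: browser may still try plain HTTP")
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        cookie, attrs = parse_set_cookie(value)
        if cookie.lower() not in session_names:
            continue  # only session identifiers matter here
        if "secure" not in attrs:
            issues.append(f"{cookie}: no Secure, sent over cleartext HTTP")
        if "httponly" not in attrs:
            issues.append(f"{cookie}: no HttpOnly, readable by page scripts")
    return issues

if __name__ == "__main__":
    for label, headers in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_headers(headers) or "ok")
```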

The list of things you can accomplish with just ettercap is quite impressive, from the methods discussed above to DNS poisoning, in which an attacker can deliver a forged “look-alike” site to capture login information, or simply be a pain in the ass and send you Rick-Rolling.

Regardless of the intent or the method, the end result for the user is, in the best case, a headache and a stupid change in FB status. The worst case could spell financial loss and/or identity theft.



We at Aimless Wanderings want to help the local humane societies find homes for their older cats. It is harder to find a forever home for an older cat; by taking the fees away from the adoption, we hope to make their stay in the shelter as short as possible.

These fees range between $40 and $70, as we are looking to sponsor the older ones of the group. The humane society we are currently working to help is the Conway Humane Society. You can find the site and their current list of furry residents at