[Q]about wifi packet sniffing and skype - XPERIA X8 Q&A, Help & Troubleshooting

So apparently, I can't bring my laptop everywhere to get my thing done, but I had a thought of referring that to my phone. I find any trusted app/script to get the packets to cap file that would sit down in my sd card for further use. I'm not some evil mastermind that would go stealing anything(don't need anything now dough) This is purely for learning since I'm still learning about IT but trying to get ahead and since android is something that I'm still not sure of how it works.
And my other question: How can I get video calling on skype? I'm assuming it should work with GindgerDX but it doesn't.

Bahurs1 said:
So apparently, I can't bring my laptop everywhere to get my thing done, but I had a thought of referring that to my phone. I find any trusted app/script to get the packets to cap file that would sit down in my sd card for further use. I'm not some evil mastermind that would go stealing anything(don't need anything now dough) This is purely for learning since I'm still learning about IT but trying to get ahead and since android is something that I'm still not sure of how it works.
Click to expand...
Click to collapse
The question is ... why would you want to run a packet capture? The payload data in the packets is encrypted anyway - so there's no real way to (assuming evil intentions) crack down on the convos of other users being in the same WLAN/LAN segment. If you're worried about Man-in-the-middle attacks take my word that it won't work. If you wiretap a Skype<->Skype chat/call via a man-in-the-middle attack the connection would fail as Skype would recognize that the end-to-end encryption is borked.
Anyhow, whatever your idea is ... Google for "Pixie" ... that's a network sniffer for Android, and the only one I happen to know (as real men use tcpdump or Wireshark for network analysis anyway).
Bahurs1 said:
And my other question: How can I get video calling on skype? I'm assuming it should work with GindgerDX but it doesn't.
Click to expand...
Click to collapse
No. Skype Video only works on a selected range of devices (read up on the description in the Market) having a FRONT camera (a camera that's facing you and not a camera that's at the back of your device facing away from you).
Look around on XDA/Google (in other words: SEARCH!) and you will find out that there's a hacked version that has Video enabled for some additional devices, though I don't know if that would support the back camera of the W8/X8.

Yeah I'm kinnda sorry for the dumb question about skype cause I just always forget to look it up when I sit down on the web.
As for the sniffer thing. I dont know who would ever need to investigate packets affcourse I need to get the password. The sicuation is hard to explain, but lets say I need to prove that 14digs of just numbers is a stupid idea for long range wifi access password.
I cant get my laptop there so I need an alternative to get some packets and then easily get the password at home and as I sayed I'm not a genius in IT but I know how to use some of the features that backtrack provides.

Related

Networking help, gmote related

i have been playing with this application for the past 4 hours
and it will JUST NOT connect! im pretty sure ive reached that point
where you keep trying everything u can, but eventually you end up with
a web of mistakes and have no idea where to begin to finish...so, lets
get to it...
- i am at school. i live across the street from campus, far enough to
where my g1 wont pick up the wifi signal, so configuring the app via
wifi isnt even an option...
so i go to the FAQs and there seems to be a way to operate the program
via the cell network without using a router...great because i dont
have one...but when i read the instructions, it starts telling me
stuff ABOUT a router...
"2.Log into your router and go to the port forwarding section (it
might be called NAT settings, or Application and Gaming). "
...where am i supposed to go to do this? i have set up ICS, i have
googled google for "port forwarding" "nat settings" "nat configuration
in windows xp", ive even used the BS help and support that comes with
windows, im going nowhere. can somebody PLEASE help me figure this
out? i want to use gmote over t-mobiles internet connection, and it seems like you can do this from what the FAQs told me...any help will be appreciated
Yeah the faq doesn't make sense, have you tried the developer directly or checking their google group? They are pretty quick to respond
On my home pc i just needed to know the ip addresss of my machine. Since this is a campus network, its possible that only particular ports are open. the port that gmote uses may be blocked.
The FAQ is a little confusing, but its not that difficult to work out
That is true, given that bittorrent and Ares are known for not running on campus...how do I figure out what ports ARE open?? I guess google will help
cant you just connect to the ip number of your computer?
Thats what Im trying to do, but Im now assuming that the ports are blocked because I cant get thru no matter what. I ran netstat and tried to figure it out but it was Russian to me
From what I understand of the program, you have to be on the same network. I may be wrong, but if you are on a different subnet, then you're SOL.
Like I said, could be wrong, but that's what I heard.

Captivate wifi fix?

Ok guys. I am not sure what is going on here.
I can't connect to my schools wifi and it is becoming a royal PITA.
I can connect to wifi perfectly fine at home.
At school, they don't require any sort of "password" to access the network. (no wep or anything I mean) They do have one of those annoying/retarded portal login systems which seems to be coded to only care for laptops.... Actually I should say coded for a hand full of browsers ON the laptop.
I once or twice a week or so ago was able to actually access the login page either by entering it manually and being able to actually use wifi for a few minutes.. or by getting redirected.
I took the problem up with the help desk, they said we now have alimit of 4 wireless devices and my allowance was maxed.
Unlikely but, whatever..
So now over the last few days won't redirect me, it won't let me even enter the login address manually.. (before it wasn't a sure thing but, I could at least do it.)
I am rooted running cog 3.03. (Which does have the 2.2 update) Had the same problem on stock 2.1.
Goes without saying I'm rooted and willing to do what it takes to get wifi working here.. Even if I did happen to have unlimited data.. my school is pretty Iphone heavy... especially at lunch, And some days I am just happy to receive the occassional text I can get from my girlfriend.
But, fact is I don't have unlimited data.. I have extremely limited data.
If anyone has a solution, I would appreciate it.
Tried:
Wifi fixer in market.
Rebooting.
"forgetting" then reconnecting. (a million times).
Manually assigning an IP address.
Praying to Cthulhu
Using multiple browsers to see if one works with portal better.
and I am out of idea's..
Any chance you need to enter a proxy server?
I have never needed to enter a proxy server before with any other device.
And I have never found anything suggesting I would anywhere on the school website.
Snow_fox said:
I have never needed to enter a proxy server before with any other device.
And I have never found anything suggesting I would anywhere on the school website.
Click to expand...
Click to collapse
You might ask around about it. The browser is probably set to auto detect a proxy. You don't have that on the phone.
Although, you do indicate you actually did connect for a bit a while back, so it likely isn't the proxy.
Sorry. Don't know what else to offer.
I appreciate the effort, unfortunately my school didn't resolve the issue either so I am unsure what to do..
You might be on to something with the proxy...
No telling how the looney's set this stuff up...
Do you have the login page in your favorites? And does the device connect to the wireless "hotspot"?
I'd test it at a starbucks (or mcdonalds of all places have them too) and see if the issue repeats itself. The ATT hotspot requires you accept the agreement before it allows you to browse.
If it doesn't work.. I'd go back to stock and see if you continue having the same issues. If the issues are resolved when going back to stock - then you'd need to bug DG for a possible fix with his ROM as that is possibly where the problem lies.
Yes it does happen to connect at other places.
I can get it working at home no problem.
I have the url memorized at this point to log in..
Part of the reason i rooted was one or two people said it cleared whatever wifi problems they wre having up..
Infact I would agree with that more than anything..
Although it didn't fix my problems, I have been able to do a bit more..
I hate with a passion bumping my own thread.. but, if anyone can help.. I would appreciate it.
i think your issue might not be your phone but your school unfortunately... when you are there to connect, are there a lot of others there as well?? for example, where i am at, they have their access points set up and i can select it with my phone, but sometimes i get on and sometimes i dont.. the issue is that they limit the amount of connected users and it might show that you are connected, but you don't in fact have access.. does this sound about like what you are having??
a test (and this will suck) is to let it connect and if it isnt connected, sit there for a while and watch as people leave and see if you connect.. usually they slot peeps in order as they log in via their IP.. so depending on how many users are not able to connect, you might not be the first to get on.. this sux and i know.. it happens here all the time and some times i have drained my laptop battery sitting there trying to connect.. now that i have my phone, 1 or the other will connect first
hope it helps a little.. but like said.. good chance its not your phone .. if it is your phone.. i am not really sure what else to think of at the moment..
Zug

[Q] Blocking Smart phone readers

Has anyone seen in the news the electronic readers the government is using which is capable of illegally stealing all private information from any type of smart phone?
Can anybody create a mod that will block a device like this from being used on the Nexus one?
http://www.prisonplanet.com/cops-us...l-cellphone-data-from-innocent-americans.html
Do you really believe what you read?
Say, 16GB of photos&data on iPhone, 1.5 minutes, count required transfer rate - quite simple - and then tell me, what kind of wireless connectivity does this "device" use to "steal data from unsuspecting people"?
Then ask yourself the first question again.
Now, if you look up the stated device's manufacturer site, http://www.cellebrite.com/forensic-products.html, you'll see that even in their photos it's perfectly clear this device has to be connected by wire to the phone. Does anyone in their right mind willingly connect the phone by USB to some device with unknown functionality? In that case, no, the data can't be protected.
Now, if you go even one more step further, and open the "supported devices" catalog on the site, you'll see that the only thing that can be done wireless to the iPhone is extracting phonebook - and I'm not sure about the requirement to allow the BT connection - but if you look up Nexus One, you'll see that it definitely has to be attached by wire to do anything with it.
And now back to the first question: do you believe everything you read?
Jack_R1 said:
Do you really believe what you read?
Say, 16GB of photos&data on iPhone, 1.5 minutes, count required transfer rate - quite simple - and then tell me, what kind of wireless connectivity does this "device" use to "steal data from unsuspecting people"?
Then ask yourself the first question again.
Now, if you look up the stated device's manufacturer site, http://www.cellebrite.com/forensic-products.html, you'll see that even in their photos it's perfectly clear this device has to be connected by wire to the phone. Does anyone in their right mind willingly connect the phone by USB to some device with unknown functionality? In that case, no, the data can't be protected.
Now, if you go even one more step further, and open the "supported devices" catalog on the site, you'll see that the only thing that can be done wireless to the iPhone is extracting phonebook - and I'm not sure about the requirement to allow the BT connection - but if you look up Nexus One, you'll see that it definitely has to be attached by wire to do anything with it.
And now back to the first question: do you believe everything you read?
Click to expand...
Click to collapse
But, it's on the internet, why would the internet lie? Are you calling the internet a liar?
I believe that if you soak your phone in warm, salty water overnight it will block this device - haven't tried though, so I can't confirm...
Umm... those Cellebrite devices are very real, and Michigan police are/were using them. The have the ability to pull the data off of thousands of different types of phones, over USB. I've never see Android specifically listed on their site, but I'd be willing to bet their devices can pull data from Android too.
That being said, I can't believe people are handing over their phones. This whole thing stinks of illegal search and seizure. But, they're getting away with it by saying the person willingly handed over their phone (even though I'd bet they're being coerced), There would be absolutely no way I'd hand my phone over to any LEO with out seeing a warrant first.
I was just mulling this over in my head... and I think the only way to block something like this would be to disable the data port on the phone. What that would involve from a software stand-point, I have no idea, and may not even be possible with how the hardware/software is designed... but that is basically the only way I'd see it to be possible.
Removing the USB driver (device functions) from the kernel would be enough, I believe.
In order for adb to work, you have to enable usb debugging. Wouldn't that be a requirement with this device, also?
ok just because I pulled this from prison planet doesn't mean its not true, it was the most convenient link at the time and hours later it was on front page of yahoo and all the major news sites. it would be easy for a police man to take your phone from you and hook it up to whatever they want.
Yep, saw it tonight on NBC Nightly News with Brian Williams. Looks scary with some cops not using warrants to get your phone on a traffic stop...

Making Rooted safer than Stock

Dear Team Eureka there is one thing you may do with security of Chromecast that Google did not.
You may add the missing security feature:
"if there is no connection to preset network" - "do not enable unprotected wifi ap mode" unless user will press reset button for short time (something like enable/disable wifi feature with openwrt)
There is plenty of things you ma use button for in future
(you may use different functions within different interval)
press
1-5 seconds
6- 15... and so on
I like this feature!
I agree that the way it is currently working is not as secure as it could be...
But I think the better way to do all of this is the following:
1 - Never have the CCast automatically connect to an Open Wireless unless specifically told to via Setup (not sure if it does this now or not)
2 - (and this would be the alternative to your suggestion) CCast doesn't leave any unprotected network sans AP connection for setup. It's default setup mode is a protected WiFi either WEP or WPA
CCast should instead set a random pin/pass and WPA/WEP connection for use in setup when it can't find an authorized AP.
Since you should have access to the screen it is plugged into and hackers would not, you would make the connection to the CCast in protected mode using the PIN that is displayed on the screen to make the connection to the protected network. Once connected you set up the device normally.
Much better than walking over to the TV and device to press a button and much more secure because the only way to set up or take over the unit requires access to the TV it is plugged into.
As far as the Button is concerned I would really like to see it used to switch modes and add a DLNA device mode to the custom rom. Unless the ROM could add this feature while still in CCast mode.
Asphyx said:
1 - Never have the CCast automatically connect to an Open Wireless unless specifically told to via Setup
2 - (and this would be the alternative to your suggestion) CCast doesn't leave any unprotected network sans AP connection. It's default setup mode is a protected WiFi either WEP or WPA
CCast should instead set a random pin/pass and WPA/WEP connection for use in setup when it can't find an authorized AP.
Since you should have access to the screen it is plugged into and hackers would not, you would make the connection to the CCast in protected mode using the PIN that is displayed on the screen to make the connection to the protected network. Once connected you set up the device normally.
Click to expand...
Click to collapse
AFAIK Chromecast never does #1 - it won't auto-connect to any AP unless it's already set up.
Agree on #2 though. Actually, both yours and mathorv's suggestion could be used in conjunction - Chromecast should use WEP security* on its setup AP and turning on the setup AP could be set to require human interaction.
*mainly for compatibility with clients/routers that don't support WPA or better - yes, they still exist - crackable, yes, but still better than completely open as it is now.
Since the serial number is easily accessible on the unit itself and its box, that could be an easy-to-get password, and the 4-character alphanumeric ID shown on the TV could be a secondary confirmation for Setup, not just a convenient way to make sure you're connected to the correct Chromecast (does Google really think/hope there will be that many Chromecasts out there being set up at the same time?).
Also if http will be protected with https also passwords it may be better to config Chromecast wireless options via https/ssh.
Is there any way to implement power save for example trigger via ssh/https?
bhiga said:
AFAIK Chromecast never does #1 - it won't auto-connect to any AP unless it's already set up.
Agree on #2 though. Actually, both yours and mathorv's suggestion could be used in conjunction - Chromecast should use WEP security* on its setup AP and turning on the setup AP could be set to require human interaction.
*mainly for compatibility with clients/routers that don't support WPA or better - yes, they still exist - crackable, yes, but still better than completely open as it is now.
Since the serial number is easily accessible on the unit itself and its box, that could be an easy-to-get password, and the 4-character alphanumeric ID shown on the TV could be a secondary confirmation for Setup, not just a convenient way to make sure you're connected to the correct Chromecast (does Google really think/hope there will be that many Chromecasts out there being set up at the same time?).
Click to expand...
Click to collapse
Thats why I think whenever it can't find an AP to connect to it shouldn't take anything for it to generate a random password (changes everytime) that can be used until setup is complete...
As for HTTP access i it is not connected to an AP there really is no HTTP available until you have connected to it in some way.
I would be happy if Google allowed us some config tools but I don't think they are all that interested in us having control over the unit for DRM purposes.
The devs at Plex have even said that Google will not allow them to implement sending to CCast as part of their Local PlexWeb (Plex.TV is fine though)
This suggests they really do not want anything they can't approve or any usage that could expose how the device is talked to being left open to the public.
I guess they figure that if we can see how linkage and communication is done we will reverse engineer it to play and do things they don't want us doing or bypassing DRM schemes as they currently work.
bhiga said:
Agree on #2 though. Actually, both yours and mathorv's suggestion could be used in conjunction - Chromecast should use WEP security* on its setup AP and turning on the setup AP could be set to require human interaction.
*mainly for compatibility with clients/routers that don't support WPA or better - yes, they still exist - crackable, yes, but still better than completely open as it is now.
Click to expand...
Click to collapse
WEP is broken for over 10 years now! No sane human being is using it. Cracking WEP is extremely fast and easy. WEP is a false protection, illlusion of security. Using WEP is BLASHEMY.
mathorv said:
WEP is broken for over 10 years now! No sane human being is using it. Cracking WEP is extremely fast and easy. WEP is a false protection, illlusion of security. Using WEP is BLASHEMY.
Click to expand...
Click to collapse
Obviously you feel strongly about WEP.
I'm not going to argue that, because you are right that WEP is easily broken. WPA can be broken too, but with more effort.
That said, WEP is an illusion of security only if you expect it to be unbreakable, just like passwords and everything else.
Seat belts won't save you in every accident, but if you don't expect them to, they are still helpful in the event of an accident.
Now if you're driving recklessly because you think seat belts and air bags will save you, then yes it is a false sense of security and you're foolish to take extra risks.
But for the Chromecast setup AP that is temporary by nature, are you suggesting that it is better to not use any security at all, just as it is right now?
You know what I always say.....
"Just because you are Diagnosed Paranoid doesn't mean people aren't out to get you!"
LOL
This is the second conversation regarding CCast vulnerability and so far all we have identified as a REAL security concern is that someone could set up the CCast to connect to some WiFi other than yours which would lead to the grand total tragedy that they could send content to your TV.
The other conversation was in regards to the Rooted ROM having SSH and Telnet installed that could be used to hack your Router Password provided you had already hacked the router password to make the connection to the CCast in the first place to use those tools to get what you already have!
Here is something folks should take into account....NOTHING IS SECURE EVER!
Even the Servers in Iran's Nuke Plant that had no connection to the outside world whatsoever were compromised, Hacked and attacked by Stuxnet!
There is no security ever the only thing you can ever really do is make the hack hard enough and as time consuming as possible that they will move onto someone else's system to pry into their Word Docs and that private folder you keep your IFriends profile pictures in instead. LOL
Yes WEP can be hacked. Imagine how much fun someone will have after they set up your CCast to use their network and try to send content to a TV never knowing if you actually noticed it or not because they can't see your TV.
It's still a damn site better than leaving an Open WiFi AP on the CCast until setup which takes no hacking skill at all to crack.
The way I look at it if the person is smart enough to hack they are also smart enough to know there is no point in hacking a CCast...Not when there is a WiFi router that gets them a hell of a lot more personal info and much more access than just displaying content to your TV.
Asphyx said:
This is the second conversation regarding CCast vulnerability and so far all we have identified as a REAL security concern is that someone could set up the CCast to connect to some WiFi other than yours which would lead to the grand total tragedy that they could send content to your TV.
Click to expand...
Click to collapse
While this would be a great dorm prank, at least with the current functionality of Chromecast, that's all they get to do... turn on the TV and send whatever video to the TV they want, which would be quite scary/annoying. Think of the beginning of Back to the Future Part II where all the screens in the house turn on with Marty's boss telling him he's fired.
Asphyx said:
The other conversation was in regards to the Rooted ROM having SSH and Telnet installed that could be used to hack your Router Password provided you had already hacked the router password to make the connection to the CCast in the first place to use those tools to get what you already have!
Click to expand...
Click to collapse
Actually I think the scenario @mathorv described is a little different and easy to exploit.
Chromecast is in setup mode and broadcasting an open AP
Attacker connects to the open AP
Attacker connects to Web Panel and enables ADB/Telnet/SSH (because web panel currently does not require authentication, Team Eureka said authentication is coming)
Attacker connects to Chromecast via ADB, Telnet, or SSH and gets access to the root filesystem, where they can see the cleartext password and SSID of the AP that Chromecast normally connects to (because password is stored in supplicant config file which is accessible)
So the attacker does not need anything more than to see the Chromecastnnnn AP.
Sadly, the WPA authentication seems to be stored the same way on phones/tablets as well. The only thing that shields phones/tablets from the same type of attack is not all of them have root and they usually aren't accessible from the network. Hence, with root comes extra responsibility, which is why root often is made difficult.
Asphyx said:
Here is something folks should take into account....NOTHING IS SECURE EVER!
Click to expand...
Click to collapse
Yup. What we commonly call "security" is really just a deterrent. It increases the effort and the hope is that the attacker will pick an easier target. It's why we put locks on doors when it's often relatively simple to bypass them.
bhiga said:
Chromecast is in setup mode and broadcasting an open AP
Attacker connects to the open AP
Attacker connects to Web Panel and enables ADB/Telnet/SSH (because web panel currently does not require authentication, Team Eureka said authentication is coming)
Attacker connects to Chromecast via ADB, Telnet, or SSH and gets access to the root filesystem, where they can see the cleartext password and SSID of the AP that Chromecast normally connects to (because password is stored in supplicant config file which is accessible)
So the attacker does not need anything more than to see the Chromecastnnnn AP.
Click to expand...
Click to collapse
Except for the fact that if it is not connected to the router then that means the router is unavailable, and or the Password saved in cleartext isn't working. If it was it would be connected and not in Setup mode.
Thats the point I was trying to get across there....
Sure you could find passwords to APs the CCast was connected to...
But if it isn't connected at the time of the hack then those APs are not available if they were you would not be able to connect to the CCast.
And if they are available then anything saved in the CCast is worthless since the CCast couldn't use it to connect either.
And I told him how to plug that hole far better than via the ROM....
Turn on Mac Filtering so not only do you need the password but need to clone a MAC address as well.
And all of this to get at what?
Your last will and testament and some compromising Pictures?
If you make it difficult enough that the payoff isn't worth the effort they will move on....
Asphyx said:
Except for the fact that if it is not connected to the router then that means the router is unavailable, and or the Password saved in cleartext isn't working. If it was it would be connected and not in Setup mode.
Click to expand...
Click to collapse
Ahh, I see your point now.
At least for me, sometimes Chromecast will "miss" the connection shortly after boot, so the setup AP is available for a few minutes after a reboot. To exploit that, someone would need to be sitting and listening for it to pop up - not a "juicy" target, but still possible. People do strange things "just because they can" - at least that's what YouTube teaches me.
As you say, MAC filtering provides an additional deterrent level. Unfortunately the target customer is probably not sophisticated enough to do that. I'm not sure all ISP-provided devices (I avoid integrated hardware that I can't configure) allows setting MAC restrictions though.
Asphyx said:
But if it isn't connected at the time of the hack then those APs are not available if they were you would not be able to connect to the CCast.
And if they are available then anything saved in the CCast is worthless since the CCast couldn't use it to connect either.
Click to expand...
Click to collapse
Well, in theory, you could connect to the CCast when it is in unprotected AP mode, enable ssh, and write a shell script which gets started every boot and sends out the saved wifi password somewhere to the internet. Then, when the CCast owner sets up is wifi, and sometimes later reboots, the wifi passwords will be sent out.
But... since there are probably only a few thousand rooted Chromecasts, and the time window in which to push the script to the Chromecast is so narrow, I doubt anyone would spend any time to try this.
bhiga said:
Unfortunately the target customer is probably not sophisticated enough to do that. I'm not sure all ISP-provided devices (I avoid integrated hardware that I can't configure) allows setting MAC restrictions though.
Click to expand...
Click to collapse
I'm sure thats true but if your not sophisticated enough to control your own Network or let an ISP do it all for you the least of your issues are what might happen in the odd chance CCast is disconnected or in the 30 seconds before it connects to an AP during Bootup. Locking up the holes in a CCast sure isn't going to help you much LOL
frantisek.nesveda said:
Well, in theory, you could connect to the CCast when it is in unprotected AP mode, enable ssh, and write a shell script which gets started every boot and sends out the saved wifi password somewhere to the internet. Then, when the CCast owner sets up is wifi, and sometimes later reboots, the wifi passwords will be sent out.
Click to expand...
Click to collapse
Well in theory you could have it do location checks with Google and map location, SSID and Password of every AP it ever connects to...
Like I said to what end would someone do that?
What is the PAYOFF in the end?
I could understand it if your living next to Bill Gates and wanted to steal banking info....
The Average Joe doesn't have anything worth seeing that would make someone go through all of that especially when they could get it much easier by just sniffing WiFi packets and finding the same data and decrypting it.
They could sit there all day and hack the Router but they have such a small window to work with on an unconnected CCast either because they have to catch it rebooting or catch it in a location that it isn't setup for and unless you have written a program to do all of that without Human Intervention you still got a snowballs chance in hell of getting any worthwhile information...
Security only happens when there are multiple layers of protection that make it so difficult to breach that they won't bother unless the payoff is worth it.
Someone really has to hate you in order to go through all that so some of the best security practices you can implement is don't be an AZZ and no one will have it out for you enough to want to get something on you via a Hack! LOL
(Not suggesting anyone in this discussion is just saying in General LOL)
Asphyx said:
Like I said to what end would someone do that?
Click to expand...
Click to collapse
Well, would you give me your WiFi password?
I can think of a few things you could do with access to someone's WiFi... Free internet, torrenting on someone else's responsibility, or just messing with someone.
Asphyx said:
I could understand it if your living next to Bill Gates and wanted to steal banking info...
Click to expand...
Click to collapse
The real question here is... Would Bill Gates buy a Google Chromecast? :laugh:
frantisek.nesveda said:
Well, would you give me your WiFi password?
I can think of a few things you could do with access to someone's WiFi... Free internet, torrenting on someone else's responsibility, or just messing with someone.
The real question here is... Would Bill Gates buy a Google Chromecast? :laugh:
Click to expand...
Click to collapse
Sure! I could very easily give you my router password and you would still not be able to do anything you mentioned until you figured out a MAC address one of my networked devices actually uses.
And to my other point...Is Free Internet or messing with someone really worth the risk of going to a Federal Pen for hacking?
As for what Bill Gates has I wonder if he is even running Windows 8 cause I don't know anyone who has it that likes it! LOL
Asphyx said:
Sure! I could very easily give you my router password and you would still not be able to do anything you mentioned until you figured out a MAC address one of my networked devices actually uses.
Click to expand...
Click to collapse
Good point.
I guess that if we really wanted, we could play this cat and mouse game for quite some time, but the outcome would be that if you really care about security, you can make your network secure enough. But that would be just spamming the thread.
frantisek.nesveda said:
but the outcome would be that if you really care about security, you can make your network secure enough. But that would be just spamming the thread.
Click to expand...
Click to collapse
Actually I think what I was trying to say is that no matter how much you care and try to be secure...
If they want you they WILL get you and they don't need nor would they do it through your CCast when there are far better tried and true methods to attack a wireless router directly that doesn't require LUCK of a device not connecting or the timing of catching it while it is booting up in order to catch the weakness.
Any security hole that results from the CCast will likely never amount to anything more than the Prankish "Look what dirtyPorn I put on your screen"
If they want dirt they will go to the router which is always up and doesn't require some act of god or electronics to happen.
You secure your router the best you can and if that isn't enough then you need to keep your wireless off until you need it to be TRULY secure....
And even then there is nothing to stop them from tapping into the pole where your Internet connection comes in and getting you that way!
Security is nothing more than an illusion and a deterrent...Truth is your never secure no matter how much you worry which says to me...Worrying is pointless. Unless you have enemies that really want to get you...and if thats the case all the security in the world won't stop them!
Asphyx said:
Actually I think what I was trying to say is that no matter how much you care and try to be secure...
If they want you they WILL get you and they don't need nor would they do it through your CCast when there are far better tried and true methods to attack a wireless router directly that doesn't require LUCK of a device not connecting or the timing of catching it while it is booting up in order to catch the weakness.
Any security hole that results from the CCast will likely never amount to anything more than the Prankish "Look what dirtyPorn I put on your screen"
If they want dirt they will go to the router which is always up and doesn't require some act of god or electronics to happen.
You secure your router the best you can and if that isn't enough then you need to keep your wireless off until you need it to be TRULY secure....
And even then there is nothing to stop them from tapping into the pole where your Internet connection comes in and getting you that way!
Security is nothing more than an illusion and a deterrent...Truth is your never secure no matter how much you worry which says to me...Worrying is pointless. Unless you have enemies that really want to get you...and if thats the case all the security in the world won't stop them!
Click to expand...
Click to collapse
MAC access list = joke, blacklist is also a illusion changing MAC address(spoofing MAC) is extremely easy on any platform.
In case of whitelist Attacker will look into it just a bit for a longer, to know list of allowed devices.
At home you will have to whitelist every new device...
In corporate environment it will take you more time also WPA2-PSK is not suitable for serous corporate use.
About absolute security.
Security is relative term. Its just like healthy life style, it will not make you immune to diseases, it will make you generally healthier, less likely to get ill.

Work will supposedly start denying access to the wifi to rooted/jailbroken devices

So yeah, assuming their efforts is successful and they manage to set up their wifi to deny access to rooted devices, is there anyway around this without unrooting?
Apoplectic1 said:
So yeah, assuming their efforts is successful and they manage to set up their wifi to deny access to rooted devices, is there anyway around this without unrooting?
Click to expand...
Click to collapse
There used to be a module called Root Cloack(er) for Xposed frameworks that hides root, don`t know if there is a version for Marsmellow though. Its here on the XDA forums somewhere.
But how? I can't think of any way to detect a rooted/jailbroken phone from a Wifi connection, without you having to install or run some other piece of software/script that would give them that information.
revrenhex said:
But how? I can't think of any way to detect a rooted/jailbroken phone from a Wifi connection, without you having to install or run some other piece of software/script that would give them that information.
Click to expand...
Click to collapse
I'm not sure. I would not put it past my company to make us install such a script in order to access wifi.
Many places are doing this. Detecting root is simple. Even Snapchat and others are doing it. Heck they are even looking for xposed and won't work if detected.
You would be amazed at what info people can get from your device when it's connected to wifi
zelendel said:
Many places are doing this. Detecting root is simple. Even Snapchat and others are doing it. Heck they are even looking for xposed and won't work if detected.
You would be amazed at what info people can get from your device when it's connected to wifi
Click to expand...
Click to collapse
a lot of info sure... But an app running on your phone detecting it, vs detecting that something is installed simply by connecting to their network? Your phone passes along a lot of info... but not installed binaries?
I could see them maybe having a black list, like if you're connecting the the exposed repositories your likely rooted... but if you are not using programs that require root access and communicate over the network, how are they doing this?
scryan said:
a lot of info sure... But an app running on your phone detecting it, vs detecting that something is installed simply by connecting to their network? Your phone passes along a lot of info... but not installed binaries?
I could see them maybe having a black list, like if you're connecting the the exposed repositories your likely rooted... but if you are not using programs that require root access and communicate over the network, how are they doing this?
Click to expand...
Click to collapse
A simple request for the info. Have you ever looked at a logcat and saw everything running. I could be gone for weeks and come home and tell you every device that has ever connected to my network the whole time I was gone and with the right things in place could even tell if they are rooted or jailbroken
I can see the same as the poster above me on our network, it is not hard at all. And if we had such a policy and you used a cloaker I would have you fired.
Their network, their rules. I really don't think you should do this.
zelendel said:
A simple request for the info. Have you ever looked at a logcat and saw everything running. I could be gone for weeks and come home and tell you every device that has ever connected to my network the whole time I was gone and with the right things in place could even tell if they are rooted or jailbroken
Click to expand...
Click to collapse
Can you provide any links or further detail? Obviously by viewing system logs you can tell whats running.... but I have never seen any standard network function to request a connected device to send logs without permission? Google searching the topic provides little info as its saturated with info on how to root, and using root for ad blocking.
Even a brief overview of the setup you would use to check? What are "the right things" and what "place" would the need to be in?
scryan said:
Can you provide any links or further detail? Obviously by viewing system logs you can tell whats running.... but I have never seen any standard network function to request a connected device to send logs without permission? Google searching the topic provides little info as its saturated with info on how to root, and using root for ad blocking.
Even a brief overview of the setup you would use to check? What are "the right things" and what "place" would the need to be in?
Click to expand...
Click to collapse
I wont get into it too deeply as I have my guys that watch this site as well and If they go around my security setup like with exchange pin request or using some devices on my network I will fire them on the spot. Lets just say the router logs everything that is done on the network. Connect your device to your wifi and then watch a logcat. You should be able to see what you are looking for.
Understand that unless approved by me no device can connect to my network. With the right router you can see everything about a device. you wont find much info on google as things like this are kept close to the chest with the IT crowd
zelendel said:
I wont get into it too deeply as I have my guys that watch this site as well and If they go around my security setup like with exchange pin request or using some devices on my network I will fire them on the spot. Lets just say the router logs everything that is done on the network. Connect your device to your wifi and then watch a logcat. You should be able to see what you are looking for.
Understand that unless approved by me no device can connect to my network. With the right router you can see everything about a device. you wont find much info on google as things like this are kept close to the chest with the IT crowd
Click to expand...
Click to collapse
No one here is trying to connect to your network. It's XDA and people are curious. I agree that it's silly to circumvent measures used by the company you work for (assuming you want to keep working there), but I also find it strange that you connect to a network and have that router, etc tell if your phone has a specific binary and apk. Is that what you are claiming happens?
gee2012 said:
There used to be a module called Root Cloack(er) for Xposed frameworks that hides root, don`t know if there is a version for Marsmellow though. Its here on the XDA forums somewhere.
Click to expand...
Click to collapse
This is not possible to limit an android version via network traffic, the best they could do is catch you updating cyanogenmod and ban your mac by guessing that your rooted, but its so much work, its a bunch of empty threats.
mwalt2 said:
No one here is trying to connect to your network. It's XDA and people are curious. I agree that it's silly to circumvent measures used by the company you work for (assuming you want to keep working there), but I also find it strange that you connect to a network and have that router, etc tell if your phone has a specific binary and apk. Is that what you are claiming happens?
Click to expand...
Click to collapse
It can yes. And you are right this is XDA but you would be amazed at what info is not shared here or anywhere except between IT managers or other devs.
Once connected to a network it is not that hard to get everything from a device. This is why all the warnings about connecting to open networks. While Open networks are more of a risk it goes to show that anything can be done.
This has been a practice for a very long time even back to the WM days when roms encluded time bombs that would make the rom not work after a set time and date.
zelendel said:
It can yes. And you are right this is XDA but you would be amazed at what info is not shared here or anywhere except between IT managers or other devs.
Once connected to a network it is not that hard to get everything from a device. This is why all the warnings about connecting to open networks. While Open networks are more of a risk it goes to show that anything can be done.
This has been a practice for a very long time even back to the WM days when roms encluded time bombs that would make the rom not work after a set time and date.
Click to expand...
Click to collapse
It's all smoke and mirrors to me until someone explains how it's possible to read files on a device by a user just connecting to a network and providing no further interaction. Sure you can get the device MAC, name, etc, but that's not how I read your statements. As mentioned in the post above yours, you can guess on network traffic, etc, but I really doubt anyone can "know everything".
Loved the HTC Diamond and TP2 [emoji1]
mwalt2 said:
It's all smoke and mirrors to me until someone explains how it's possible to read files on a device by a user just connecting to a network and providing no further interaction. Sure you can get the device MAC, name, etc, but that's not how I read your statements. As mentioned in the post above yours, you can guess on network traffic, etc, but I really doubt anyone can "know everything".
Loved the HTC Diamond and TP2 [emoji1]
Click to expand...
Click to collapse
Its not guessing network traffic. You can tell exactly what sites they go to. You can tell if they are using a mobile or desktop browser. (same way the carriers do it to prevent teethering)
All it takes is being connected to a network to be infected with a virus. Just how do you think that happens?
No one is gonna explain it. Just like we dont allow talks about network penetration. There are just something that are best not out in public view.
Here is an older example of how they detected jailbroken iphones on school networks.
zelendel said:
Its not guessing network traffic. You can tell exactly what sites they go to. You can tell if they are using a mobile or desktop browser. (same way the carriers do it to prevent teethering)
All it takes is being connected to a network to be infected with a virus. Just how do you think that happens?
No one is gonna explain it. Just like we dont allow talks about network penetration. There are just something that are best not out in public view.
Click to expand...
Click to collapse
I am specifically referring to detecting that a binary and an apk exist on a device SOLELY based on establishing a network connection (not viruses, not websites visited...user does nothing and no new code/software runs on the device). That does not seem probable to me.
It may just be semantics, but that's how I interpreted your original statement.
Of course network admins can see what sites users visit, what browser they use, etc and there is no guessing - only logs [emoji3]. I was using guessing in different sense (ie, you see something "suspicious" and draw conclusions).
Wow.... if i ever get fired after i found out they are 'reading' files on my device... this will be case for a courtn no doubt! I'm sure (at least where i live) the one that fires you based on such actions will have a big problem!
mwalt2 said:
I am specifically referring to detecting that a binary and an apk exist on a device SOLELY based on establishing a network connection (not viruses, not websites visited...user does nothing and no new code/software runs on the device). That does not seem probable to me.
It may just be semantics, but that's how I interpreted your original statement.
Of course network admins can see what sites users visit, what browser they use, etc and there is no guessing - only logs [emoji3]. I was using guessing in different sense (ie, you see something "suspicious" and draw conclusions).
Click to expand...
Click to collapse
If you read the link they showed how to detect cydia which showed them it was jailbroken. The same thing can be done on android.
Droidphilev said:
Wow.... if i ever get fired after i found out they are 'reading' files on my device... this will be case for a courtn no doubt! I'm sure (at least where i live) the one that fires you based on such actions will have a big problem!
Click to expand...
Click to collapse
You would lose. When you agree to use their network you agree to all their rules. This is the main reason for things like Knox. As more and more place move to a "right to work" setup where they dont need a reason to fire you at all. I would be careful about what rules one does break. Gone are the days where we could get away with things like this.
You know this got me thinking. Maybe I will play around with my network and see what I can find out. I have to block root and xposed users anyway so this would be a great challenge. Might be awhile as I revert all my PC back to windows 7.
From an IT perspective, a rooted device provides little to no security. That's why most mobile device management (MDM) products include a feature that let IT block rooted devices from connecting to the secure network or accessing corporate assets. But these products must be able to detect rooted devices before they can block them, and there are ways users can get around those detection mechanisms. Organizations that rely on MDM alone to detect rooted devices should be aware of these limitations.
http://searchmobilecomputing.techta...evice-risks-include-network-access-data-theft
zelendel said:
If you read the link they showed how to detect cydia which showed them it was jailbroken. The same thing can be done on Android.
Click to expand...
Click to collapse
I didn't see a link in Tapatalk or Chrome mobile. As for me, I see no reason why I'd ever want to connect my personal smartphone to my work network. Thanks for the discussion.
zelendel said:
...snip...
Click to expand...
Click to collapse
You made me VERY curious! I will try to call HR department of the company i work for today to ask how this works for us
If i get fired because of this phonecall i will try to get you fired for making me curious

Categories

Resources