The Def Con security conference has open wifi, and people make a game of trying to capture packets of others trying to log into non-SSL websites. If successful, they post the credentials on the “Wall of Sheep”.
One year I got the idea to try to exploit the Wall. I didn't succeed but had great fun trying!
Someone at DEFCON captured the wireless data from a mouse/keyboard dongle. The dongle was connected to a computer that belonged to the organizers, possibly managing the Wall of Sheep. They were able to capture and/or simulate input from/to the dongle.
> I asked the Shepherd how a login goes from being captured to being shown on the Wall of Sheep. Their reply doomed our fun: “I’d type it in.” Oh no. That’s not good. “Isn’t it automatic?”, I asked. The Shepherd paused to rub the bridge of their nose. “Well,” they sighed, “it was until people started sending a bunch of vile usernames and passwords and kind of ruined it2, so now we have to moderate the process.”
The Def Con security conference has open wifi, and people make a game of trying to capture packets of others trying to log into non-SSL websites. If successful, they post the credentials on the “Wall of Sheep”.
One year I got the idea to try to exploit the Wall. I didn't succeed but had great fun trying!
Really enjoyed this story, thanks for sharing!
You bet! It was a lot of fun to do and to write up afterward.
There was a person who captured a Logitech Starburst V2 packet capture from one of their management machines.
Using a tool called JackIt, demonstrated either sniffing all text from a keyboard, OR injection of an emulated keyboard through the dongle.
IIRC, the mouse was a clone Logitech that was even plugged in to charge.
Ok this took me a minute to parse.
Someone at DEFCON captured the wireless data from a mouse/keyboard dongle. The dongle was connected to a computer that belonged to the organizers, possibly managing the Wall of Sheep. They were able to capture and/or simulate input from/to the dongle.
Nice.
Yep, that's correct. Probably shouldnt post here tired!
I saw it on the defcon subreddit. Post was deleted, but IA made a snapshot.
https://web.archive.org/web/20220428221916/https://www.reddi...
> They grinned: “it’s just some old software we run.”
Ha! There are layers of lessons to be learned here.
Right? Huh, we need a tech stack that happily survives one of the most hostile networks in the world. Shall we update to a React SPA? Perhaps not.
Quote of TFA:
> I asked the Shepherd how a login goes from being captured to being shown on the Wall of Sheep. Their reply doomed our fun: “I’d type it in.” Oh no. That’s not good. “Isn’t it automatic?”, I asked. The Shepherd paused to rub the bridge of their nose. “Well,” they sighed, “it was until people started sending a bunch of vile usernames and passwords and kind of ruined it2, so now we have to moderate the process.”
Some people take pride in ruining it for everyone.
I guess it shows even mere mortals attend Def Con. Thinking that website authentication is still being done with Basic Auth? Come on...