ClioSport.net

Register a free account today to become a member!
Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Wifi Question :)



Lets say I'm out side my mates house Connecting to his router with my wifi card :) and i login to msn can he View the packets and get my password ?? or does the pass word get sent as encrypted data


i know he can view the websites go on to but that dont matter :) just wondering about the msn password:)
 

sn00p

ClioSport Club Member
  A blue one.
As far as I can remember, MSN messenger is a text (possibly xml) based protocol, so in theory (probably) yes (unless they've fixed this in later versions of the protocol).

But it'd mainly depend on whether his access point acts like a switch or a hub.
 
  UR 197, AB 182 FF
Doesnt matter either way, if you know the WEP (or WPA) key and you arent connecting over https, you can sniff the packets.

So in short, yes.
 
  Megane DCi 147bhp/350nwm
using a wireless/router/modem can i view what everyone does?if so how!?!

sorry for stealing the thread
 
I thought the Msn Protocal Password Packet was encrypted in MD5 encryption. so even if they got the encrypted password they wouldnt be able to change it
 

sn00p

ClioSport Club Member
  A blue one.
MikeDX said:
Doesnt matter either way, if you know the WEP (or WPA) key and you arent connecting over https, you can sniff the packets.

So in short, yes.

Ahh...yes...of course, there is that! :eek:
 

sn00p

ClioSport Club Member
  A blue one.
Rob_887 said:
I thought the Msn Protocal Password Packet was encrypted in MD5 encryption. so even if they got the encrypted password they wouldnt be able to change it

Ok....dug a little more.

It sends a challenge string back to the connection client, they concatenate their password onto it and generate an md5 hash which gets sent back to the server.

The server already knows the password & obviously the challenge string so has computed the hash, if the two hashes don't correlate then it's "goodbye".

No is the answer, he can't find your password out. He can however read and messages coming in etc.
 
They would be able to get my fourm password tho wouldn't they.
This fourm sends as normal HTTP 1/1 Packets dont it ?
 

sn00p

ClioSport Club Member
  A blue one.
Rob_887 said:
They would be able to get my fourm password tho wouldn't they.
This fourm sends as normal HTTP 1/1 Packets dont it ?

Yes. Unless it uses some javascript jiggery pokery.
 
b3nje said:
using a wireless/router/modem can i view what everyone does?if so how!?!

sorry for stealing the thread

On my NetGear Wireless i can view a log of all web sites Viewed on the network by going to http://192.168.0.1 ( Router Admin configuration )
on mine it only logs Web sites don't no how to View every packet sent
 
  RB 182
If he can access your computer instead of packet sniffing he can get you passwords using the right programs.
 
  Fiat Panda 100hp
Depends how Geeky your mate is, ifs like the average IT keep then proberly not, but if ur 100% geek then yes. My IT teacher can do anything lol
 
  UR 197, AB 182 FF
Conteo said:
Depends how Geeky your mate is, ifs like the average IT keep then proberly not, but if ur 100% geek then yes. My IT teacher can do anything lol

Can he...

Email address please.
 
Conteo said:
Depends how Geeky your mate is, ifs like the average IT keep then proberly not, but if ur 100% geek then yes. My IT teacher can do anything lol

nah theres no way they can get the password from the Hash ( encrypted password) it would take YEARS as the way its encryted is all server side. so only msn no the key and format of the encryption ( would take years to brute force it )

I think im correct:)
 
  UR 197, AB 182 FF
Rob_887 said:
nah theres no way they can get the password from the Hash ( encrypted password) it would take YEARS as the way its encryted is all server side. so only msn no the key and format of the encrypstion

No but you can change the password by logging into hotmail as them and changing the password using sniffed http packets
 
MikeDX said:
No but you can change the password by logging into hotmail as them and changing the password using sniffed http packets
Isnt the HTTP/Email side of hotmail all httpS that use's fully encoded HTML? both client and server side?
 
  RB 182
I'm not talking about packet sniffing, do you save your password for MSN Messenger so you don't have to type it in every time?
 
benclelland said:
I'm not talking about packet sniffing, do you save your password for MSN Messenger so you don't have to type it in every time?

Nope :) To many friends use the pc lol ( they could keylog me to get it but they would have to get a EXE on my computer and Excute it )
 
  UR 197, AB 182 FF
Rob_887 said:
Isnt the HTTP/Email side of hotmail all httpS that use's fully encoded HTML? both client and server side?

Possibly. do you use different passwords for everything?
 
MikeDX said:
Possibly. do you use different passwords for everything?

Msn has its own password (Full of symbols,numbers and caps) as thats the only password i care about all the others like fourms and stuff are the same
 
  UR 197, AB 182 FF
Rob_887 said:
Msn has its own password (Full of symbols,numbers and caps) as thats the only password i care about all the others like fourms and stuff are the same

I think your paranoia may be your best security :)
 
MikeDX said:
I think your paranoia may be your best security :)

HaHa Best advice i have heard all day ;)

Real Reason ;)

Been war driving all day was just testing out my new car pc and been connecting to msn though some ones router
( bad i know ) ( nothing bad intended just to chat on msn )
 


Top