Intercepting Traffic with Wireshark
Intercepting Traffic with Wireshark
To make this work, we'll need to use Wireshark to sniff Wi-Fi traffic between our target computer and the router. Our goal will be to capture unencrypted HTTP traffic flowing to our target's computer as they view the security camera feed. To do this, though, there will be a few things we need to take care of first.
We'll need to break the encryption of the network. If we know the password, we can always join the network ourselves, but this opens up a further risk of detection. Instead, we can add the Wi-Fi keys we know to Wireshark, and decrypt the data we sniff without ever connecting to the network. This means our attack will be mostly passive, leaving little opportunity for us to be detected.
One critical thing we'll need that isn't passive is a Wi-Fi handshake to see the traffic. Because Wireshark needs to observe a Wi-Fi handshake to decrypt subsequent traffic, simply knowing the password is not enough. To succeed, we'll need to isolate traffic from the computer we're interested in with a Wireshark filter, capture a four-way WPA handshake, and then decrypt the data with the password we know.
To make this work, we'll need to use Wireshark to sniff Wi-Fi traffic between our target computer and the router. Our goal will be to capture unencrypted HTTP traffic flowing to our target's computer as they view the security camera feed. To do this, though, there will be a few things we need to take care of first.
We'll need to break the encryption of the network. If we know the password, we can always join the network ourselves, but this opens up a further risk of detection. Instead, we can add the Wi-Fi keys we know to Wireshark, and decrypt the data we sniff without ever connecting to the network. This means our attack will be mostly passive, leaving little opportunity for us to be detected.
One critical thing we'll need that isn't passive is a Wi-Fi handshake to see the traffic. Because Wireshark needs to observe a Wi-Fi handshake to decrypt subsequent traffic, simply knowing the password is not enough. To succeed, we'll need to isolate traffic from the computer we're interested in with a Wireshark filter, capture a four-way WPA handshake, and then decrypt the data with the password we know.
No comments