Next: NEWS: Hotspot sniffer eavesdrops on iPhone [VoIP & video] in real-time
From: John Navas on 24 Oct 2009 17:06

People who use public WiFi to make iPhone calls or conduct video conferences take heed: It just got a lot easier to monitor your conversations in real time.

At a talk scheduled for Saturday at the Toorcon hacker conference in San Diego, two security researchers plan to show the latest advances in the open-source UCSniff tool for penetrating voice-over-internet-protocol systems. With a few clicks of a mouse, they will eavesdrop on a call between two audience members using popular iPhone applications that route the calls over the conference network.

...

"If we can do this, there are many, many people out there who can do this. It's not rocket science," ...

MORE:
<http://www.theregister.co.uk/2009/10/23/iphone_voip_sniffing_made_easy/>

--
Best regards, John <http:/navasgroup.com>
If the iPhone is really so impressive, why do iFans keep making excuses for it?

From: Jeff Liebermann on 25 Oct 2009 00:17

On Sat, 24 Oct 2009 14:06:30 -0700, John Navas <spamfilter1(a)navasgroup.com> wrote:

> they will eavesdrop on a call between two audience members using
> popular iPhone applications that route the calls over the conference
> network.
>
>MORE:
><http://www.theregister.co.uk/2009/10/23/iphone_voip_sniffing_made_easy/>

I guess that might be Skype. I'll believe it when I see it:
<http://www.theregister.co.uk/2009/02/12/nsa_offers_billions_for_skype_pwnage/>
<http://intelligencenews.wordpress.com/2009/08/28/02-140/>

--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558
# http://802.11junk.com jeffl(a)cruzio.com
# http://www.LearnByDestroying.com AE6KS

From: Larry on 25 Oct 2009 01:14

John Navas <spamfilter1(a)navasgroup.com> wrote in news:1tq6e59ek5ld1sjmtqa568btrbg50330f1(a)4ax.com:

> People who use public WiFi to make iPhone calls or conduct video
> conferences take heed: It just got a lot easier to monitor your
> conversations in real time.
>
> At a talk scheduled for Saturday at the Toorcon hacker conference in
> San Diego, two security researchers plan to show the latest advances
> in the open-source UCSniff tool for penetrating
> voice-over-internet-protocol systems. With a few clicks of a mouse,
> they will eavesdrop on a call between two audience members using
> popular iPhone applications that route the calls over the conference
> network.
>
>

I'd love to see 'em do it to a Skype phone call of 5 minutes duration over any open wifi you choose. I want to hear the voice recording of the conversation as proof they can do it that quickly. "Bullshit" comes to mind.

1 - Skype uses ANY of the 65,535 port numbers, making it hard to find in the first place...lots of port scanning to start with. After finding which port your Skype is using, say port 49,273 for grins, they can start working on the per-call 256-bit encryption they don't have the key for that changes with every call.

Now, can they do all that within the 5 minutes of my phone call? Bullshit.....pure bullshit....even if they have my current sellphone IP, which changes with every call, also. My call is long over before they even identify the data stream.....5 minutes, 300 seconds.....NOT THROUGH A SERVER, IP to IP, through a massive network of Skype users' computers used as network interface in background.

At 0047 EDT 10/25/09, My Skype is connected for interface data to:

    Skype.exe:10308 TCP schultz:1184 cpe-24-210-197-182.woh.res.rr.com:36334 ESTABLISHED
    Skype.exe:10308 TCP schultz:54683 69.171.167.3:55703 ESTABLISHED

That last IP seems to be on Leap Wireless (Cricket is Leap) in Charlotte, NC, that does have Cricket service. My trace to it stopped at:

     9 4.69.132.161 25ms 24ms 25ms TTL: 0 (ae-4-4.car1.Charlotte1.Level3.net ok)
    10 4.71.124.58 26ms 25ms 26ms TTL: 0 (LEAP-WIRELE.car1.Charlotte1.Level3.net ok)

How are the bullshit experts at NSA going to suck my data off this guy's Cricket aircard and his netbook at Bert's Bar on port 54683? Hell, how are they ever going to find it?!

Where's woh on Road Runner...res means it's a residence, somebody's desktop. I can see a small amount of encrypted data going through these connections with my sniffer.

Oops, the netbook on Cricket just dropped offline.

I made a test call then paused TCPView to save the paths it opened to complete this call. Here's a list of stations just calling Skype Test in England opened:

    163-161.static.quiettouch.com:63082
    213.244.170.76:11079
    193.88.6.12:60825
    78.141.177.72:30819
    78.141.177.73:41988
    212.8.163.80:25585
    212.8.163.80:8560
    193.88.6.12:16386
    213.244.170.77:63122
    213.244.170.77:58692
    213.244.170.76:47828
    212.8.163.80:27650

These :ports were open for about .8 seconds until the key was passed, I can only assume through a few of them, one of them, all of them....who knows? Then, these ports were dumped to System Process in Time_wait.

78.141.177.73:39688 stayed open and is my new port to replace the netbook that died as this call completed. My new Skype partner seems to be in Luxembourg? NSA got a PC at his house?

     8 64.215.80.102 125ms 124ms 125ms TTL: 0 (P-T-LUXEMBOURG.Te4-4.1162.ar4.AMS2.gblx.net probable bogus rDNS: No DNS)
     9 213.166.61.202 133ms 133ms 130ms TTL: 0 (PTLUX-Teralink-Frankfurt.pt.lu fraudulent rDNS)
    10 213.166.61.206 126ms 125ms 131ms TTL: 0 (No rDNS)
    11 213.135.247.105 * * 126ms TTL: 0 (No rDNS)
    12 213.135.247.102 126ms 126ms 127ms TTL: 0 (No rDNS)
    13 78.141.177.73 126ms 125ms 126ms TTL: 48 (No rDNS)

So, how in hell do you think this crazy stream of crazy IPs all over the place on all these random ports is going to be detected, decoded, decrypted before my 5 minute phone call to Mom is OVER?!

It's not.......All the propaganda bullshit isn't going to do it...like the news article I posted says....

Download TCPView from the net and install it. Take a look for yourselves the shitstorm of Skype IPs that are used on every call. It must be a government nightmare....worldwide.

--
Larry

From: John Blutarsky on 25 Oct 2009 10:09

Larry <noone(a)home.com> wrote in news:Xns9CAFC997AD82noonehomecom(a)74.209.131.13:

<snip>

You don't read very well, among other things. The goal was not to trace the call, but to listen to it. Listen to it after coming out of your computer and before going to its next destination. Listening to it as it gets to your computer. All easily done by sniffing the hotspot your computer is using at the time.

But thanks for once again showing that you have no clue about technology. The only difference between you and John Novice is...well...nothing. Oh wait- that's not fair- you are much more paranoid.

From: Jeff Liebermann on 25 Oct 2009 13:27

On Sun, 25 Oct 2009 01:33:54 -0500, Dennis Ferguson <dcferguson(a)pacbell.net> wrote:

>On 2009-10-25, Jeff Liebermann <jeffl(a)cruzio.com> wrote:
>> On Sat, 24 Oct 2009 14:06:30 -0700, John Navas
>><spamfilter1(a)navasgroup.com> wrote:
>>> they will eavesdrop on a call between two audience members using
>>> popular iPhone applications that route the calls over the conference
>>> network.
>>>
>>>MORE:
>>><http://www.theregister.co.uk/2009/10/23/iphone_voip_sniffing_made_easy/>
>>
>> I guess that might be Skype. I'll believe it when I see it:
>><http://www.theregister.co.uk/2009/02/12/nsa_offers_billions_for_skype_pwnage/>
>><http://intelligencenews.wordpress.com/2009/08/28/02-140/>

>No, my guess would be that they're talking about standard,
>SIP-based VoIP (mostly because they quote someone from Sipera
>about business usage).
>
>Dennis Ferguson

Oh well. SIP Sniffing is not rocket science. I use Cain and Abel:
<http://www.oxid.it/ca_um/topics/voip.htm>
or WireShark with a SIP/RTP capture filter:
<http://wiki.wireshark.org/SIP>
<http://wiki.wireshark.org/CaptureFilters> (near bottom of page)
<http://www.wireshark.org/docs/dfref/s/sip.html>

I've never tried it via wireless but as long as I don't have to deal with WPA encryption, it doesn't seem like much of a challenge.

--
Jeff Liebermann jeffl(a)cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
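Added example, not part of any post in this thread: a defender's check for the exposure discussed above, reading a SIP INVITE and reporting whether the signalling transport is TLS and whether each SDP media line negotiates plain RTP (RTP/AVP) or SRTP (RTP/SAVP and variants). The two INVITEs are constructed and trimmed sample messages, and the function name audit_invite is hypothetical.

```python
import re

# Constructed SIP INVITE messages (sample input, not captured traffic).
PLAINTEXT_INVITE = (
    "INVITE sip:bob@example.net SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
    "Call-ID: a84b4c76e66710@192.0.2.10\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "c=IN IP4 192.0.2.10\r\n"
    "m=audio 49170 RTP/AVP 0 8\r\n"
)
PROTECTED_INVITE = (
    "INVITE sips:bob@example.net SIP/2.0\r\n"
    "Via: SIP/2.0/TLS 192.0.2.10:5061;branch=z9hG4bK776asdhds\r\n"
    "Call-ID: b95c5d87f77821@192.0.2.10\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "c=IN IP4 192.0.2.10\r\n"
    "m=audio 49172 RTP/SAVP 0\r\n"
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:<constructed-placeholder-key>\r\n"
)

# SDP transport profiles that carry SRTP rather than cleartext RTP.
SECURE_MEDIA = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}


def audit_invite(msg: str) -> dict:
    """Report whether signalling and media of one SIP message are protected."""
    head, _, body = msg.partition("\r\n\r\n")
    # Topmost Via header names the transport the message was sent over.
    via = re.search(r"^(?:Via|v)\s*:\s*SIP/2\.0/(\w+)", head, re.M | re.I)
    transport = via.group(1).upper() if via else "UNKNOWN"
    # m=<media> <port>[/<count>] <proto> <formats...>
    media = re.findall(r"^m=(\w+) (\d+)(?:/\d+)? (\S+)", body, re.M)
    exposed = [f"{kind}:{port}" for kind, port, proto in media
               if proto.upper() not in SECURE_MEDIA]
    return {
        "signalling_encrypted": transport in ("TLS", "WSS"),
        "exposed_media": exposed,  # streams readable by anyone on the same open network
    }


if __name__ == "__main__":
    for name, msg in (("plaintext", PLAINTEXT_INVITE), ("protected", PROTECTED_INVITE)):
        print(name, audit_invite(msg))
```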