Feb 10 / sandeep

How your Password can be Hacked if you are on Local network.

, ,

Today I would like to share with you how Hackers can hack your Password when you are local network or wireless shared network. (like the Wi-Fi at Starbucks, CCD or in a hotel).

So first I would like to tell you very quickly some thing about how the data you enter on a web page is communicated with the web server.Basically there are be two protocols which can be used to talk to a webserver, they are Http and second one  is Https. Https is the secured one its used SSL certificates to encrypt all the data you enter on a webpage and sends to the web server ideally speaking it is very secure and unbreakable until and unless a very HiFi organization (like NSA )  get into the work, they cannot break the code and crack your password.( assuming they are trying to hack using network packet sniffing)

There are two ways the web browser can send info to the webserver one method is GET and second one is POST so if you want to know which one the form is using just open the code and see it will be written some thing like <form action=”some link” method=”Get”>

Now the difference between the two is GET will simply append the parameters inside the form to the url and send it to server some thing like say for example somewebsite.com is having a form like userid and password and a submit button and it uses get method so when you enter userid and password then click submit then the url will be appended like [somewebsite,com/?userif=userid_you_enterd&pass=Password_youentred] the user-scores wont be there i included for better readability. normally any form which asks userid and pass will not use get method. so the second method is POST post also does the same thing but it wont append the parameters in the url but send them to the server in the background without user seeing it. and remember POST do not encrypt your password if there is any way we can see this post message which browser is sending then we will be knowing the password. In this post i will explain you how to see the post message that the browser is posting to the server.

Example of GET Method. check out google : search some thing and see the url.

Example of POST Method. Facebook and all the webpages where Userid and pass is asked.

Now to see what browser is communicating with the server there is a nice plugin for firefox that is live HTTP headers Plugin.

  • open your firefox browser go to this link : live HTTP headers
  • Install that Plugin
  • Restart firefox.
  • go to the menu section of firefox tools>livehttpheaders click on it
  • A new window will open and there is small check box at the bottom named as capture. check it.
  • minimize the window and keep it like that .it is going to capture all the data the browser is sending and receiving.
  • open Facebook.com in firefox and enter your id and password click submit. thats it.
  • Now go to the window that you have minimized before. it will show some large no of lines with out much meaning for you

On top of this window there are four small tabs Headers,generators,config,about. click on Generators there you will find all GET and POST messages. you see the post message in it you can notice id and password :) of your facebook account Shown in Plane Text :)

Here is the screen shot of how it  looks the red colored one is My id and Password :) I know you people will try to crack mine so i have that pass :) .

livehttpheader

So this is how your browser send the data.

This data that you are sending from your system to your local router to the facebook server can some times to taped and the hackers look for such Packets and try to crack your password.

Here are some tools that people use to sniff the data from the local Network or wireless network. these tools will give you all the data that local network users are sending and receiving through a router so it simply works like the httpliveheaders for the firefox but for netwroks ( some of the tools are Kismet Netstumbler Nmap )

Next time when you are brousing on free unsecured network be carefull :)

Note: As far as my knowledge  is concerned about internet that about things presented are correct Please let me know if i made any mistake or Error. and Please take this article as a guide to protect your self from hackers  and not to Hack other Passwords.

Filed under Tech

4 Comments

leave a comment
  1. karthik / Feb 11 2010

    So When we are connected to a network such as unsecured wireless. We can see all the header details that other people are sending from different computers connected to same network in our computer. Is this what ur saying?

    Reply
  2. Nishant Agarwal / Feb 11 2010

    Many websites use HTTPS protocol for login pages so that the data sent is in encrypted form. In such cases, i guess we cannot sniff the data.

    FB does not use HTTPS protocol for login page. So we’re able to see the login details.

    Reply
    • sandeep / Feb 12 2010

      yeah website is like Gmail, orkut paypal and all ecommerce websites use HTTPS so we wont be able to decrypt them.
      But orkut implement https for authentication only. once u are logged-in thats it you are on Http when ever you visit People’s profile or check out there pictures all that data can be sniffed easily.

      next time when u are on unsecured network be watchful when u poke a friend or check out a profile, picutres :)

      Reply
Leave a Comment

Powered by Olark