You are here

NarkNet: Passive Wi-Fi Surveillance

Do you use open Wi-Fi? Did you know that it is possible to passively intercept your traffic? See a live demo and learn how to protect yourself.

NarkNet uses free off-the-shelf technology that comes natively with many operating systems to passively intercept wireless networking traffic.

The WiFi network adapter in your computer is a radio. The radio can be manually tuned to the radio frequency used by a WiFi access point (AP).

Once the radio is tuned to the right frequency it can passively receive all the WiFi network traffic to and from the AP (this will include traffic for all the clients associated with the AP).

Programs such as ettercap and CookieCadger can be used to automatically sift through the WiFi traffic to reveal sensitive information such as user IDs, passwords, and session cookies which can be used to hijack sessions and services.

It is not possible to detect NarkNet being used. Encrypting the WiFi traffic with protocols such as WPA2 can help but this does not protect your traffic from being intercepted on the wired network by government agencies such as the NSA, GCHQ, and BND or from organized crime using BGP attacks to reroute entire sections of the Internet through their data center.

We will do a live demonstration of NarkNet as part of the presentation.

If you would like to play along you will need the following:

  1. PC or Laptop

  2. Latest Kali Linux on hard drive or on bootable USB with persistence (links below, encryption not required)

  3. A Linux compatible wireless network adapter that supports 802.11g monitor mode. I recommend the following USB adapters:
    Alfa AWUS036H for 802.11b/g
    EDIMAX EW-7733UnD or Rosewill N900UBE for 802.11 a/b/g/n

  4. You will need to modify /etc/network/interfaces

    Comment out the following lines
    allow-hotplug eth0
    iface eth0 inet dhcp
    Add the following lines
    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto wlan0
    iface wlan0 inet manual

    auto wlan1
    iface wlan1 inet manual

    auto wlan2
    iface wlan2 inet manual

    auto mon0
    iface mon0 inet manual

    auto mon1
    iface mon1 inet manual

    auto scan0
    iface scan0 inet manual

    auto scan1
    iface scan1 inet manual

    auto at0
    iface at0 inet manual

    auto at1
    iface at1 inet manual

Resources:

Kali Linux
http://www.kali.org/downloads/

Kali Encrypted USB Persistence
http://www.offensive-security.com/kali-linux/kali-encrypted-usb-persistence/
http://preview.tinyurl.com/kcbyrkn

NarkNet site
http://narknet.com

NarkNet presentation slides
http://narknet.com
http://www.cc.gatech.edu/~krwatson/

Session Tracks

Infosec

Session Presenter(s)

Keith R. Watson