The Def Con security conference has open wifi, and people make a game of trying to capture packets of others trying to log into non-SSL websites. If successful, they post the credentials on the “Wall of Sheep”.

One year I got the idea to try to exploit the Wall. I didn't succeed but had great fun trying!

There was a person who captured a Logitech Starburst V2 packet capture from one of their management machines.

Using a tool called JackIt, demonstrated either sniffing all text from a keyboard, OR injection of an emulated keyboard through the dongle.

IIRC, the mouse was a clone Logitech that was even plugged in to charge.

> They grinned: “it’s just some old software we run.”

Ha! There are layers of lessons to be learned here.

Quote of TFA:

> I asked the Shepherd how a login goes from being captured to being shown on the Wall of Sheep. Their reply doomed our fun: “I’d type it in.” Oh no. That’s not good. “Isn’t it automatic?”, I asked. The Shepherd paused to rub the bridge of their nose. “Well,” they sighed, “it was until people started sending a bunch of vile usernames and passwords and kind of ruined it2, so now we have to moderate the process.”

I guess it shows even mere mortals attend Def Con. Thinking that website authentication is still being done with Basic Auth? Come on...