Trying (and failing) to hack the Wall of Sheep (2022)

30 points posted 10 months ago
by kstrauser

11 Comments

bsder

10 months ago

Quote of TFA:

> I asked the Shepherd how a login goes from being captured to being shown on the Wall of Sheep. Their reply doomed our fun: “I’d type it in.” Oh no. That’s not good. “Isn’t it automatic?”, I asked. The Shepherd paused to rub the bridge of their nose. “Well,” they sighed, “it was until people started sending a bunch of vile usernames and passwords and kind of ruined it, so now we have to moderate the process.”

kstrauser

10 months ago

Some people take pride in ruining it for everyone.

kstrauser

10 months ago

The Def Con security conference has open wifi, and people make a game of trying to capture packets of others trying to log into non-SSL websites. If successful, they post the credentials on the “Wall of Sheep”.

One year I got the idea to try to exploit the Wall. I didn't succeed but had great fun trying!

cnewey

10 months ago

Really enjoyed this story, thanks for sharing!

kstrauser

10 months ago

You bet! It was a lot of fun to do and to write up afterward.

mystraline

10 months ago

There was a person who captured a Logitech Starburst V2 packet capture from one of their management machines.

Using a tool called JackIt, they demonstrated either sniffing all text from a keyboard, OR injection of an emulated keyboard through the dongle.

IIRC, the mouse was a clone Logitech that was even plugged in to charge.

hackernudes

10 months ago

Ok this took me a minute to parse.

Someone at DEFCON captured the wireless data from a mouse/keyboard dongle. The dongle was connected to a computer that belonged to the organizers, possibly managing the Wall of Sheep. They were able to capture and/or simulate input from/to the dongle.

Nice.

gryfft

10 months ago

> They grinned: “it’s just some old software we run.”

Ha! There are layers of lessons to be learned here.

kstrauser

10 months ago

Right? Huh, we need a tech stack that happily survives one of the most hostile networks in the world. Shall we update to a React SPA? Perhaps not.

netsharc

10 months ago

I guess it shows even mere mortals attend Def Con. Thinking that website authentication is still being done with Basic Auth? Come on...