hpr_transcripts/hpr0127.txt

Episode: 127
Title: HPR0127: How to be Nosey on the Interwebz
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0127/hpr0127.mp3
Transcribed: 2025-10-07 11:51:23

---

Music
Music
Music
Music
Welcome to another episode of HPR. I am your host Enigma and today I will be talking about
how to be nosy on the inner webs. This is a presentation that I gave at my local
813 bin rev meeting but for those of you who weren't in Tampa that week that I gave
it I'm going to give it to you anyway. So the basis of this presentation is you're
sitting at your local Starbucks or any place that has a free Wi-Fi and you want to be
a little bit nosy and see whether people are doing. Nothing will let you just you know
poking around. So what you will need for my presentation is the Elenix laptop. You
can do this on windows too but for my purposes I'm using open to Elenix. The local wireless
networking need to be connected obviously. This is under the assumption that it's a public
network that you don't have any encryption to deal with or anything but there's plenty
of tools out there that can end tutorials that you know break web or break WPA or anything
like that but for my purposes I'm you know a normal user on the wireless network. I'm going
to be using four tools, header cap, wire shark, driftnet and end map. These four tools are
available in the Ubuntu repositories and basically took me about 15 minutes to install
them. They're available through Synaptic but I use AppGit to get them. Synaptic is the front-end
of AppGit for Ubuntu but I'm a command line guy so I'm going to go with AppGit. So the syntax
for AppGit is pseudo-appGit install and then the package name. So pseudo-appGit install
end map, pseudo-appGit install driftnet and so on and so forth. So after you install and set up
all four tools the next process is we need to find our targets on the network. So this can be
accomplished through end map and end map has a nifty feature called pink scanning. Among many others
I use pink scanning to scan a range of IPs to see which talk back. This can be accomplished by using
the simple command and I'm going to put this presentation up in the show notes so you don't need
to take notes but the syntax is end map dash s, lurk s, capital p and then your range. So for my
example it'll be 192.168.1-254 so I'm going to scan 192.168.1.1-254 and if you know anything about
subnetting these numbers will vary depending on your subnet and the range of addresses you want to scan.
So after that we need to poison our target and that is accomplished by using a tool called
header cap and basically we are pretending to be the router and sniffing the traffic between
the target computer and the router or computer to computer if you're in a peer-to-peer network.
But for our purposes we are going to use header cap and the command for that is pseudo header cap
minus capital T dash capital M and then ARP which is address resolution protocol
dash i for the interface and it's my interface is WLAN 0 but your mileage may have vary depending
on what laptop you have and then the address that your well I put the address of the router which
was 192.168.1.1 and then the address of the targeted computer which in my case is 108
and you can do the syntax is and you'll see in the show notes that it's followed or preceded by a
forward slash and followed by forward slash and this is because the syntax assumes that you can put
in multiple entries in other words you can put in either the MAC address the IP address and a
port number so let's say if I only wanted to see 80 traffic which is web traffic I could put you
know 192.168.1.1.4 slash 80 and that would get me all of the web traffic from that target
but for my example I just scrapped all of the traffic and then the two tools that are remaining
wire shark and drift net if if you're not familiar with drift net drift net reassembles
images on the fly so basically you fire up that tool by using the command line pseudo drift net
and then dash i and then the interface name and this puts up a little window on your screen
that if someone browses a page with images it actually will display that for you so it's kind of
neat it's and you can also save those images to your hard drive so it's quite interesting to
see what people surf on a public wifi and then wire shark is the other one
wire shark is a packet sniffer I'm sure you've heard of it it used to be called either real
it's just a normal everyday packet sniffer that you know you can put filters in you can you can
only view certain port numbers you can only view certain you know IP addresses things like that
and there's plenty of tutorials out there for wire sharks so I'm not going to go heavy into that
I may do an hbr one of these days on wire shark filters they can get very complex and there's
few handy ones that because wire shark will don't pretty much anything any broadcast traffic over
the network and anything that you poison obviously you'll get all of their traffic so I might do an
hbr on that but for now all you need to know is that you know drift net will surf all the image or
pull the images off the the poisoned computer and wire shark will grab everything that's sent
to and from and in my presentation I actually did a demo for the the guys at the at the meeting
and it was my grab some screenshots of what I was doing and if you know
like I did an example for a FTP traffic and you can basically pull you know passwords because FTP
transmits in clear text you can pull passwords right out of the wire shark it's kind of handy
pop three works that same way telling that I don't know whoever uses tell net anymore but some people do
so it's very very handy now I do put a disclaimer in this I don't you know support you doing
malicious stuff but you know it's pretty neat to go out there and see what people are are surfing
on on a public wi-fi and and maybe creating some awareness of of how dangerous that can be
this has been another episode of hbr I wanted to give a quick shout out to clatoon he sent me
some really neat images for labels for hpr CDs but I hope to take to hope so if you're going to
the conference you can shoot me an email and you know see me at the conference and I'll give you
out a free CD I think I'm going to do the first hundred episodes of hpr and we're going to put
them on a CD and have some I think three different labels CD labels on them that are really
they really look cool and thanks to clatoon and all the hosts for doing such a great job and
we'll see everyone tomorrow on another episode of Hacker Public Radio.
Thank you for listening to Hacker Public Radio.
hpr is sponsored by caro.net so head on over to see aro.nc for all of us in the
hv
Initial commit: HPR Knowledge Base MCP Server - MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-10-26 10:54:13 +00:00			`Episode: 127`
			`Title: HPR0127: How to be Nosey on the Interwebz`
			`Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0127/hpr0127.mp3`
			`Transcribed: 2025-10-07 11:51:23`

			`---`

			`Music`
			`Music`
			`Music`
			`Music`
			`Welcome to another episode of HPR. I am your host Enigma and today I will be talking about`
			`how to be nosy on the inner webs. This is a presentation that I gave at my local`
			`813 bin rev meeting but for those of you who weren't in Tampa that week that I gave`
			`it I'm going to give it to you anyway. So the basis of this presentation is you're`
			`sitting at your local Starbucks or any place that has a free Wi-Fi and you want to be`
			`a little bit nosy and see whether people are doing. Nothing will let you just you know`
			`poking around. So what you will need for my presentation is the Elenix laptop. You`
			`can do this on windows too but for my purposes I'm using open to Elenix. The local wireless`
			`networking need to be connected obviously. This is under the assumption that it's a public`
			`network that you don't have any encryption to deal with or anything but there's plenty`
			`of tools out there that can end tutorials that you know break web or break WPA or anything`
			`like that but for my purposes I'm you know a normal user on the wireless network. I'm going`
			`to be using four tools, header cap, wire shark, driftnet and end map. These four tools are`
			`available in the Ubuntu repositories and basically took me about 15 minutes to install`
			`them. They're available through Synaptic but I use AppGit to get them. Synaptic is the front-end`
			`of AppGit for Ubuntu but I'm a command line guy so I'm going to go with AppGit. So the syntax`
			`for AppGit is pseudo-appGit install and then the package name. So pseudo-appGit install`
			`end map, pseudo-appGit install driftnet and so on and so forth. So after you install and set up`
			`all four tools the next process is we need to find our targets on the network. So this can be`
			`accomplished through end map and end map has a nifty feature called pink scanning. Among many others`
			`I use pink scanning to scan a range of IPs to see which talk back. This can be accomplished by using`
			`the simple command and I'm going to put this presentation up in the show notes so you don't need`
			`to take notes but the syntax is end map dash s, lurk s, capital p and then your range. So for my`
			`example it'll be 192.168.1-254 so I'm going to scan 192.168.1.1-254 and if you know anything about`
			`subnetting these numbers will vary depending on your subnet and the range of addresses you want to scan.`
			`So after that we need to poison our target and that is accomplished by using a tool called`
			`header cap and basically we are pretending to be the router and sniffing the traffic between`
			`the target computer and the router or computer to computer if you're in a peer-to-peer network.`
			`But for our purposes we are going to use header cap and the command for that is pseudo header cap`
			`minus capital T dash capital M and then ARP which is address resolution protocol`
			`dash i for the interface and it's my interface is WLAN 0 but your mileage may have vary depending`
			`on what laptop you have and then the address that your well I put the address of the router which`
			`was 192.168.1.1 and then the address of the targeted computer which in my case is 108`
			`and you can do the syntax is and you'll see in the show notes that it's followed or preceded by a`
			`forward slash and followed by forward slash and this is because the syntax assumes that you can put`
			`in multiple entries in other words you can put in either the MAC address the IP address and a`
			`port number so let's say if I only wanted to see 80 traffic which is web traffic I could put you`
			`know 192.168.1.1.4 slash 80 and that would get me all of the web traffic from that target`
			`but for my example I just scrapped all of the traffic and then the two tools that are remaining`
			`wire shark and drift net if if you're not familiar with drift net drift net reassembles`
			`images on the fly so basically you fire up that tool by using the command line pseudo drift net`
			`and then dash i and then the interface name and this puts up a little window on your screen`
			`that if someone browses a page with images it actually will display that for you so it's kind of`
			`neat it's and you can also save those images to your hard drive so it's quite interesting to`
			`see what people surf on a public wifi and then wire shark is the other one`
			`wire shark is a packet sniffer I'm sure you've heard of it it used to be called either real`
			`it's just a normal everyday packet sniffer that you know you can put filters in you can you can`
			`only view certain port numbers you can only view certain you know IP addresses things like that`
			`and there's plenty of tutorials out there for wire sharks so I'm not going to go heavy into that`
			`I may do an hbr one of these days on wire shark filters they can get very complex and there's`
			`few handy ones that because wire shark will don't pretty much anything any broadcast traffic over`
			`the network and anything that you poison obviously you'll get all of their traffic so I might do an`
			`hbr on that but for now all you need to know is that you know drift net will surf all the image or`
			`pull the images off the the poisoned computer and wire shark will grab everything that's sent`
			`to and from and in my presentation I actually did a demo for the the guys at the at the meeting`
			`and it was my grab some screenshots of what I was doing and if you know`
			`like I did an example for a FTP traffic and you can basically pull you know passwords because FTP`
			`transmits in clear text you can pull passwords right out of the wire shark it's kind of handy`
			`pop three works that same way telling that I don't know whoever uses tell net anymore but some people do`
			`so it's very very handy now I do put a disclaimer in this I don't you know support you doing`
			`malicious stuff but you know it's pretty neat to go out there and see what people are are surfing`
			`on on a public wi-fi and and maybe creating some awareness of of how dangerous that can be`
			`this has been another episode of hbr I wanted to give a quick shout out to clatoon he sent me`
			`some really neat images for labels for hpr CDs but I hope to take to hope so if you're going to`
			`the conference you can shoot me an email and you know see me at the conference and I'll give you`
			`out a free CD I think I'm going to do the first hundred episodes of hpr and we're going to put`
			`them on a CD and have some I think three different labels CD labels on them that are really`
			`they really look cool and thanks to clatoon and all the hosts for doing such a great job and`
			`we'll see everyone tomorrow on another episode of Hacker Public Radio.`
			`Thank you for listening to Hacker Public Radio.`
			`hpr is sponsored by caro.net so head on over to see aro.nc for all of us in the`
			`hv`