Initial commit: HPR Knowledge Base MCP Server
- MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Lee Hanken
83
hpr_transcripts/hpr0127.txt
Normal file
83
hpr_transcripts/hpr0127.txt
Normal file
@@ -0,0 +1,83 @@
|
||||
Episode: 127
|
||||
Title: HPR0127: How to be Nosey on the Interwebz
|
||||
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0127/hpr0127.mp3
|
||||
Transcribed: 2025-10-07 11:51:23
|
||||
|
||||
---
|
||||
|
||||
Music
|
||||
Music
|
||||
Music
|
||||
Music
|
||||
Welcome to another episode of HPR. I am your host Enigma and today I will be talking about
|
||||
how to be nosy on the inner webs. This is a presentation that I gave at my local
|
||||
813 bin rev meeting but for those of you who weren't in Tampa that week that I gave
|
||||
it I'm going to give it to you anyway. So the basis of this presentation is you're
|
||||
sitting at your local Starbucks or any place that has a free Wi-Fi and you want to be
|
||||
a little bit nosy and see whether people are doing. Nothing will let you just you know
|
||||
poking around. So what you will need for my presentation is the Elenix laptop. You
|
||||
can do this on windows too but for my purposes I'm using open to Elenix. The local wireless
|
||||
networking need to be connected obviously. This is under the assumption that it's a public
|
||||
network that you don't have any encryption to deal with or anything but there's plenty
|
||||
of tools out there that can end tutorials that you know break web or break WPA or anything
|
||||
like that but for my purposes I'm you know a normal user on the wireless network. I'm going
|
||||
to be using four tools, header cap, wire shark, driftnet and end map. These four tools are
|
||||
available in the Ubuntu repositories and basically took me about 15 minutes to install
|
||||
them. They're available through Synaptic but I use AppGit to get them. Synaptic is the front-end
|
||||
of AppGit for Ubuntu but I'm a command line guy so I'm going to go with AppGit. So the syntax
|
||||
for AppGit is pseudo-appGit install and then the package name. So pseudo-appGit install
|
||||
end map, pseudo-appGit install driftnet and so on and so forth. So after you install and set up
|
||||
all four tools the next process is we need to find our targets on the network. So this can be
|
||||
accomplished through end map and end map has a nifty feature called pink scanning. Among many others
|
||||
I use pink scanning to scan a range of IPs to see which talk back. This can be accomplished by using
|
||||
the simple command and I'm going to put this presentation up in the show notes so you don't need
|
||||
to take notes but the syntax is end map dash s, lurk s, capital p and then your range. So for my
|
||||
example it'll be 192.168.1-254 so I'm going to scan 192.168.1.1-254 and if you know anything about
|
||||
subnetting these numbers will vary depending on your subnet and the range of addresses you want to scan.
|
||||
So after that we need to poison our target and that is accomplished by using a tool called
|
||||
header cap and basically we are pretending to be the router and sniffing the traffic between
|
||||
the target computer and the router or computer to computer if you're in a peer-to-peer network.
|
||||
But for our purposes we are going to use header cap and the command for that is pseudo header cap
|
||||
minus capital T dash capital M and then ARP which is address resolution protocol
|
||||
dash i for the interface and it's my interface is WLAN 0 but your mileage may have vary depending
|
||||
on what laptop you have and then the address that your well I put the address of the router which
|
||||
was 192.168.1.1 and then the address of the targeted computer which in my case is 108
|
||||
and you can do the syntax is and you'll see in the show notes that it's followed or preceded by a
|
||||
forward slash and followed by forward slash and this is because the syntax assumes that you can put
|
||||
in multiple entries in other words you can put in either the MAC address the IP address and a
|
||||
port number so let's say if I only wanted to see 80 traffic which is web traffic I could put you
|
||||
know 192.168.1.1.4 slash 80 and that would get me all of the web traffic from that target
|
||||
but for my example I just scrapped all of the traffic and then the two tools that are remaining
|
||||
wire shark and drift net if if you're not familiar with drift net drift net reassembles
|
||||
images on the fly so basically you fire up that tool by using the command line pseudo drift net
|
||||
and then dash i and then the interface name and this puts up a little window on your screen
|
||||
that if someone browses a page with images it actually will display that for you so it's kind of
|
||||
neat it's and you can also save those images to your hard drive so it's quite interesting to
|
||||
see what people surf on a public wifi and then wire shark is the other one
|
||||
wire shark is a packet sniffer I'm sure you've heard of it it used to be called either real
|
||||
it's just a normal everyday packet sniffer that you know you can put filters in you can you can
|
||||
only view certain port numbers you can only view certain you know IP addresses things like that
|
||||
and there's plenty of tutorials out there for wire sharks so I'm not going to go heavy into that
|
||||
I may do an hbr one of these days on wire shark filters they can get very complex and there's
|
||||
few handy ones that because wire shark will don't pretty much anything any broadcast traffic over
|
||||
the network and anything that you poison obviously you'll get all of their traffic so I might do an
|
||||
hbr on that but for now all you need to know is that you know drift net will surf all the image or
|
||||
pull the images off the the poisoned computer and wire shark will grab everything that's sent
|
||||
to and from and in my presentation I actually did a demo for the the guys at the at the meeting
|
||||
and it was my grab some screenshots of what I was doing and if you know
|
||||
like I did an example for a FTP traffic and you can basically pull you know passwords because FTP
|
||||
transmits in clear text you can pull passwords right out of the wire shark it's kind of handy
|
||||
pop three works that same way telling that I don't know whoever uses tell net anymore but some people do
|
||||
so it's very very handy now I do put a disclaimer in this I don't you know support you doing
|
||||
malicious stuff but you know it's pretty neat to go out there and see what people are are surfing
|
||||
on on a public wi-fi and and maybe creating some awareness of of how dangerous that can be
|
||||
this has been another episode of hbr I wanted to give a quick shout out to clatoon he sent me
|
||||
some really neat images for labels for hpr CDs but I hope to take to hope so if you're going to
|
||||
the conference you can shoot me an email and you know see me at the conference and I'll give you
|
||||
out a free CD I think I'm going to do the first hundred episodes of hpr and we're going to put
|
||||
them on a CD and have some I think three different labels CD labels on them that are really
|
||||
they really look cool and thanks to clatoon and all the hosts for doing such a great job and
|
||||
we'll see everyone tomorrow on another episode of Hacker Public Radio.
|
||||
Thank you for listening to Hacker Public Radio.
|
||||
hpr is sponsored by caro.net so head on over to see aro.nc for all of us in the
|
||||
hv
|
||||
Reference in New Issue
Block a user