[TriLUG] tcpdumping a wifi connection
Matt Whitney via TriLUG
trilug at trilug.org
Tue May 30 13:47:09 EDT 2017
Brian,
No need for arp-poisoning, as long as you're on the same SSID as the
camera/phone, you should be able to capture traffic from any system (with a
WiFi adapter, that is) using just tcpdump with the -i option to specify the
wlan interface. Since WiFi is broadcast, you can capture from that system
as you're viewing from the phone app. With a little more work you could
even to a tcpdump while not on the same SSID and pull the data you need
(assuming you know the SSID encryption and passphrase).
Also, it may be as simple as running an NMap scan against the camera and
hitting the open port(s) with a web browser. With your description of the
camera, I'd imagine that there really wasn't a ton of effort put into
security.
Hope this is at least somewhat helpful.
Thanks,
Matt
On Tue, May 30, 2017 at 12:32 PM, Brian via TriLUG <trilug at trilug.org>
wrote:
> Hi Group,
>
> Is there a relatively painless way to capture the traffic between camera
> and app? Do typical approaches like arp-poisoning work on wifi?
>
> Not so long ago, I picked up some Chinese wifi-enabled pinhole cameras.
> ("HD waterproof" turned out to be 640x480 and a PCB with shrink-tube around
> it...caveat emptor...fortunately my only real requirement was "cheap")
>
> As is often the case with brandless electronics, documentation ranges from
> a joke (indecipherable engrish) to completely nonexistent.
>
> Out of the box, it only works by way of a specific smartphone app. I
> doubt it's doing anything proprietary underneath, but I don't know how to
> sniff it since it serves as the access point itself (and, so far, does not
> associate with other WAPs as it claims it can). If I can figure out what
> codec it speaks, I could do something useful with it...
>
> Thanks!
> -Brian
>
> --
> This message was sent to: mattjwhitney at gmail.com <mattjwhitney at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : https://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web : https://www.trilug.org/mailman
> /options/trilug/mattjwhitney%40gmail.com
> Welcome to TriLUG: http://trilug.org/welcome
More information about the TriLUG
mailing list