First time poster here. Please be nice :)

My biggest workaround is one that's being currently deployed to 40 truck drivers (trucking company here), preventing printers being out of usage while on the road. We also have to use HP ePrint to wirelessly print documents, but that's another story for another time I guess :)

CEO asked us to install wifi printers in our 40-ish trucks which has wifi on board. However he's always picking one of the cheapest options possible, so we got consumer grade printers (Laserjet 1002w). Those printers often disconnects without getting back on the truck wifi network EVER. I have to get physically in the truck, wire the printer via USB onto my laptop and reconfigure Wifi on it with the HP Windows tool. This means lots of printer downtime, which always happens when the drivers are three timezones away from our office

Then I thought: "What if I could sniff what HP sends via USB while I (re)configure the printer, and replay whats being sent later? Our trucks all have an Android tablet with a USB type-A connector with host capability, so I could write a small app that replays the config when plugged in by the user.

Three days of hacking around later, I have a working app. By chance, HP printers (or at least those models we have) uses HTTP POST via USB, so I could easily replay the request.

Edit: the end result is that truck drivers just plug the printer to their tablet, press "reconfigure" in a home made Android app, printer is reconnected to the truck and they're good to go. They don't have access to the network nor know enough to debug themselves anyways

So many times *sniff sniff*

Junkies sniff cocaine.
Hackers sniff HTTP.

Stupid fucking project managers, just posting some slurry in Slack:

"User can't get into app!" _sends useless screenshot_

Yeah? And? I have no context on what time this was, what device, where, how, etc. etc. etc. etc. etc.

You want me to just telepathically jump to their location on earth, sniff the electromagnetic spectrum waves to sleuth out what exact requests they made and when to figure out what the problem is?

Just shut up. Shut up

Insecure... My laptop disk is encrypted, but I'm using a fairly weak password. 🤔

Oh, you mean psychological.

Working at a startup in crisis time. Might lose my job if the company goes under.

I'm a Tech lead, Senior Backender, DB admin, Debugger, Solutions Architect, PR reviewer.

In practice, that means zero portfolio. Truth be told, I can sniff out issues with your code, but can't code features for shit. I really just don't have the patience to actually BUILD things.

I'm pretty much the town fool who angrily yells at managers for being dumb, rolls his eyes when he finds hacky code, then disappears into his cave to repair and refactor the mess other people made.

I totally suck at interviews, unless the interviewer really loves comparing Haskell's & Rust's type systems, or something equally useless.

I'm grumpy, hedonistic and brutally straight forward. Some coworkers call me "refreshing" and "direct but reasonable", others "barely tolerable" or even "fundamentally unlikable".

I'm not sure if they actually mean it, or are just messing with me, but by noon I'm either too deep into code, or too much under influence of cognac & LSD, wearing too little clothing, having interesting conversations WITH instead of AT the coffee machine, to still care about what other humans think.

There have been moments where I coded for 72 hours straight to fix a severe issue, and I would take a bullet to save this company from going under... But there have also been days where I called my boss a "A malicious tumor, slowly infecting all departments and draining the life out of the company with his cancerous ideas" — to his face.

I count myself lucky to still have a very well paying job, where many others are struggling to pay bills or have lost their income completely.

But I realize I'm really not that easy to work with... Over time, I've recruited a team of compatible psychopaths and misfits, from a Ukranian ex-military explosives expert & brilliant DB admin to a Nigerian crossfitting gay autist devops weeb, to a tiny alcoholic French machine learning fanatic, to the paranoid "how much keef is there in my beard" architecture lead who is convinced covid-19 is linked to the disappearance of MH370 and looks like he bathes in pig manure.

So... I would really hate to ever have to look for a new employer.

I would really hate to ever lose my protective human meat shield... I mean, my "team".

I feel like, despite having worked to get my Karma deep into the red by calling people all kinds of rude things, things are really quite sweet for me.

I'm fucking terrified that this peak could be temporary, that there's a giant ravine waiting for me, to remind me that life is a ruthless bitch and that all the good things were totally undeserved.

Ah well, might as well stay in character...

*taunts fate with a raised middlefinger*

Jokes aside, this got me thinking html is most used and most successful hacking tool out there.

99.99% of the time it's far easier to socially engineer and phish for existing credentials that scan networks, sniff ports and look for vulnerable versions of software, new vulnerabilities etc.

We (people) are ad always will be a zero day exploit.

From my work -as an IT consultant in one of the big 4- I can now show you my masterpiece

INSIGHTS FROM THE DAILY LIFE OF A FUNCTIONAL ANALIST IN A BIG 4 -I'M NOT A FUNCTIONAL ANALYST BUT THAT'S WHAT THEY DO-

- 10:30, enter the office. By contract you should be there at 9:00 but nobody gives a shit
- First task of the day: prepare the power point for the client. DURATION: 15 minutes to actually make the powerpoint, 45 minutes to search all the possible synonyms of RESILIENCE BIG DATA AGILE INTELLIGENT AUTOMATION MACHINE LEARNING SHIT PISS CUM, 1 hour to actually present the document.
- 12:30: Sniff the powder left by the chalks on the blackboards. Duration: 30 minutes, that's a lot of chalk you need to snort.

13:00, LUNCH TIME. You get back to work not one minute sooner than 15.00

- 15:00, conference with the HR. You need to carefully analyze the quantity and quality of the farts emitted in the office for 2 hours at least
- 17:00 conference call, a project you were assigned to half a day ago has a server down.
The client sent two managers, three senior Java developers, the CEO, 5 employees -they know logs and mails from the last 5 months line by line-, 4 lawyers and a beheading teacher from ISIS.
On your side there are 3 external ucraininans for the maintenance, successors of the 3 (already dead) developers who put the process in place 4 years ago according to God knows which specifications. They don't understand a word of what is being said.
Then there's the assistant of the assistant of a manager from another project that has nothing to do with this one, a feces officer, a sys admin who is going to watch porn for the whole conference call and won't listen a word, two interns to make up a number and look like you're prepared. Current objective: survive. Duration: 2 hours and a half.
- 19:30, snort some more chalk for half an hour, preparing for the mail in which you explain the associate partner how because of the aforementioned conference call we're going to lose a maintenance contract worth 20 grands per month (and a law proceeding worth a number of dollars you can't even read) and you have no idea how could this happen
- 20:00, timesheet! Compile the weekly report, write what you did and how long did it take for each task. You are allowed to compile 8 hours per day, you worked at least 11 but nobody gives a shit. Duration: 30 minutes
- 20:30, update your consultant! Training course, "tasting cum and presenting its organoleptic properties to a client". Bearing with your job: none at all. Duration: 90 minutes, then there's half an hour of evaluating test where you'll copy the answers from a sheet given to you by a colleague who left 6 months ago.
- 22:30, CHANCE CARD! You have a new mail from the HR: you asked for a refund for a 3$ sandwich, but the receipt isn't there and they realized it with a 9 months delay. You need to find that wicked piece of paper. DURATION: 30 minutes. The receipt most likely doesn't even exist anymore and will be taken directly from your next salary.
- 23:00 you receive a message on Teams. It's the intern. It's very late but you're online and have to answer. There's an exception on a process which have been running for 6 years with no problems and nobody ever touches. The intern doesn't know what to do, but you wrote the specifications for the thing, 6 years ago, and everything MUST run tonight. You are not a technician and have no fucking clue about anyhing at all. 30 minutes to make sure it's something on our side and not on the client side, and in all that the intern is as useful as a confetto to wipe your ass. Once you're sure it's something on our side you need to search for the senior dev who received the maintenance of the project, call him and solve the problem.
It turns out a file in a shared folder nobody ever touches was unreachable 'cause one of your libraries left it open during the last run and Excel shown a warning modal while opening it; your project didn't like this last thing one bit. It takes 90 minutes to find the root of the problem, you solve it by rebooting one of your machines. It's 01:00.

You shower, watch yourself on the mirror and search for the line where your forehead ends and your hair starts. It got a little bit back from yesterday; the change can't be seen with the naked eye but you know it's there.

You cry yourself to sleep. Tomorrow is another day, but it's going to be exactly like today.

So I been telling Cox no to upgrading my modem for the past 2 months, my modem works fine, so now last night the modem just stops working, the internet is out and I call support, I tell them the problem and they without even thinking ask what version of modem I have, I tell then gen 2,they then offered a upgrade for free and the old gen 2 ones were not working lately, I reluctantly agreed to swap them for free, so after I got off the phone I was curious, I decided to packet sniff and find all my data is being sent just fine, but once it reaches the Cox main gateway it just drops the packet, I even pinged the DNS and it responded fine, turns out they just shut my connection off and basically forced me to upgrade to their gen 3 enhanced Wi-Fi bullshit

Hi hackers!
Just not sure about this one:
Is this true?
The closer i get to the router , the more packets i might be able to sniff.
And something else:
I might loose the traffic sent to the other APs while i'm close to one another.

Is there any way to capter all packets?
(I also have wired access to network but since the socket isolates the traffic let me know if there is any other method)

Thanks

I broke into hotels WiFi. So here's the setup
They have a main router (TP-Link) which they use for official purposes then they connected the main router to a Microtik router for guests.
I got a glimpse of the software they use for accomodation, billing etc. It runs on php stack maybe MySQL too and some ip can't remember now. I can use wireshark to sniff the packets. Basically should I tell the office of this hotel about the security? Or just let it go.

P.S: Guys you know I'm visiting my gf but I've got some time for myself as she had something to do. So you know I'm not using my laptop when I'm with her.

I was wondering if anybody gets to sniff my wifi and finally finds my pass, so he is able to listen to my encrypted traffic and fully decrypt it (websites without https)!
That is far worse than just using my bandwidth!!
What do you think?
What else the attacker can get?

Classmates? More like FUCKING PARASITES!

I work in a group on for on the notes using google docs, for realtime collaboration. WE spend lots of hours in school making them something. Then share it with one good friend and BANG the whole class has them, even though he was not supposed to share it. AND DO YOU EXPECT ONE OF THEM EVEN THANKED US FOR THE WORK WE PUT IN THERE MAKING THESE? The most I heard were fucking complaints. I should let the sniff a razerblade for each complaint and hope they improve their brain capabilities to the level of 0.

Girls sniff boys.

I sniff RS485.

Watched an action hack movie
Then designed a scenario to sniff around a bank and get the encrypted key and finally extract the key and omg!
I've broke into the bank !!!
But seriously, is it worth trying?
I'm not going to do any thing stupid like even taking a dollar , but is it just the way I thought it is?
Will anything unexpected happen?

My Chromebook Pixel 2015 died yesterday. *sniff* I really liked the build quality and using crouton for Linux.

My 2nd work laptop ever was a IBM Thinkpad and I really liked that back in the day.

Now I'm looking at the Thinkpad 25th anniversary edition. Anyone have one? Thoughts?

Should have kept a copy of my best code off of my work computer. That way it wouldn't have been confiscated along with the computer during the layoffs. [sniff] I had some beautiful Stored Procedures I can't satisfactorily remember how to reproduce. 😅

A colleague currently has a cold and takes a deep, wet sniff every 10 seconds or so rather than just blowing his fucking nose - he even (politely) refused a tissue I offered him WTF?!

All concentration is lost when you're perpetually awaiting the next sniff.

Run dual boot Mac Catalina and Win 10. Got a bunch of Razer shit from wife for Bday... super stoked. Big mat, mouse, keyboard.

Works like a charm on Win.

Works for fuck all on Mac. The app to manage device is no longer supported.

Went waaay down the rabbit hole trying to sniff the packets that were being sent to the devices via USB to sync their colors and patterns.

Finally give up that route.

I have now built a VM for windows to run synergy... then a VM for Linux for Polychomatic because the keyboard is older and not supported by synergy.

And I found if I boot them both then quit them both the settings for the peripherals stay until the next reboot.

But JFC... I literally have to boot three operating systems to pull it off.

Talk about some gift of the magi shit... I was so happy with the gift and at this point it has wasted dozens of hours.

Fuck fucking Razer. Looks cool. Doesn’t work.

Any better way for breaking telnet ?
(I had no idea who was ever going to connect to this ip using telnet so i had no chance to sniff the password :(
Now it is taking ages to brute force )

//mac is already spoofed ;)

Will you Sniff on your kids? 😆

Comment your answers..

My New medication is !AMAZING....
Yesterday went to the Doc (another 100€ sniff) and got a new update on medication...
(check my profile history for the posts last weekend if ya curious).
One of them must be opium or something... I got so high It looked like Opium (I never did heavy drugs).
Now I'm falling all the time, Can't remember much last night and... man... I use/used Cannabis as medicine for years (on and off as needed) ... Still, remember when I could get high... And the highest time was when I learned cannabis it's great to stop suicide (A friend got me so stoned I couldn't move... Even if didn't really take out the tendencies and thoughts to kill yourself, you can't do it anyway...)
But this new Pill... ONLY SHEEAAATTTT...
Only problem,,, I can't really do shit Until my body gains tolerance... and I was doing so much cool ideas in my Office...
Btw, no more Space Again... The more drawers I place, the more stuff gets here...
But I think I'll lose all my energy again for the next months, so, fuck it.

MDN best practice recommends not to sniff browser versions but rather detect features. So far, so good. In reality, we don't need to detect features, we need to detect bugs to handle outdated mobile Safari versions. Apple again. 🍎🍏🤢🤮

Me running DarkReader: Some Russian dude can probably sniff all my passwords.

Me also running DarkReader: But, light theme websites or really any light theme content is an abomination against the dark lord Satan.

Thoughts?

When you commit a more readable README on GitHub to a non native English speaker sends you an email a day later asking for help why his self-signed certificate isn't trusted by his browser or his other computers.

The project he's working on is to sniff Wi-Fi packets that are encrypted through a MiTM attack. I've now stopped following this project and moved on.

Has anyone else had any stupid questions from debs which were about the key purpose of their project and how to go about it?

Token for App -> backend authentication is generated one time when the user signs up. Sniff it once and you've got access to the user account forever.

Passwords are hashed with one round of SHA1, no salt.

Everything including login data is sent over plain HTTP.

Luckily I got permission to fix that mess

Why people do that shit ? is a free backdoor to sniff other user content XD

if(isset($_COOKIE["user"])){
resetSession("user","user");
}

function resetSession($cookiename,$sessionname){
$_SESSION[$sessionname] = $_COOKIE[$cookiename];
}

Trying to use a certain library for my ORM needs. It seems that the devs 'forgot' to add decent documentation.

Also trying out another library to integrate with it. Again, no decent documentation.

It pisses me off how A LOT of Node.js libraries have the worst documentation ever, and if they do have some seemingly okay ones, they conveniently leave out the more complex functionalities. What do they want to achieve here? For people to head to their Github pages to sniff at the code?

Holy fucking shit. I hate you people. I even hate having to use these in the first place.

Don't tell dev rant. But I'm going use ADB to sniff their SQL packets and make a neral network with all the posts for that damn stress ball

Which ons is less risky and which one Is most profitable to succeed ?

0- telling the admin you forgot your password and as he's logging in, sniff his password (you already placed sslstrip)

1- gain access to router using its vulnerabilities and redirect the traffic to a fake page and get the password.

2- exploiting smb port of admin's system and placing a krylogger or stealing his cookies if available

3- brute forcing admin password :/

4- pressing forgot password on admin account and staying close to him and sniff the SMS containing the otp using rtl-sdr (and of course you will be prompted to set a new password)

5- any other way .

Also the website itself is almost secure.
It is using iis 8.5 and windows server 2012
Only open ports are 80 and 443.

any network admins with Cisco Meraki routers willing to do me a favor? i need to get a firmware file so i need someone in this position to sniff their own network to get where it gets the files from i will pay you like USD$0.04 in DASH