Search - "wireshark"
I feel like a fucking abomination at the moment.
I have been working on an app that is almost like Wireshark. More so for practice than anything else.
I decided that today I would try it out on the network here at my house, so I started the packet sniffer and wanted to see what was going on. I was checking for unencrypted text (like telnet and whatnot) and came across this odd address that I hadn't seen before.
I did something that I shouldn't have done, and I fucking clicked and did the equivalent of "follow TCP stream" on wireshark. I fucking went and looked what the text being sent over this fucking network was.
It was my girlfriend, using fuck knows what messenger, but it was unencrypted. I just found out that she is cheating on me. I don't want to go into what the texts exactly say, because it fucking hurts me deep down.
Why didn't she just use whatsapp or something, fuck man. I really don't need this in life at the moment. I am genuinely trying to get my shit in order, I have been coding my ass off at night for extra money to make it, I have been working overtime where I can - fuck I have even tried sucking up to management (I would never do this under normal circumstances) - and to top this off, the motherfucking tax man is giving me hell.
If you want to cheat, fucking do it properly. Because I am in a state of pure sadness and hatred at the moment - and I don't know what the fuck to do.
Wiire-Shark Doo doo doo doo doo
Eating our internet Doo doo doo dooo doo
Why you do this? Doo doo doo doo doo doo
I still miss my college days. Our crappy IT Dept restricted internet usage on campus. Each student used to get 10 GB of internet data and they used Cyberoam for login (without HTTPS). 10 GB was so little (at least for me).
Now, thanks to CS50, I learned that HTTP was not secure and somehow you can access login credentials. I spent a night figuring things out and then bam!! Wireshark!!!!
I went to the Central Library and connected using Wireshark. Within a matter of minutes, I got more than 30 user ids and passwords. One of them belonged to a Professor. And guess what, it had unlimited data usage with multiple logins. I felt like I was a millionaire. On my farewell, I calculated how much data I used. It was in TBs.
Lesson: Always secure your URLs.
Some fucker installed a keylogger on my Ubuntu laptop at home and registered it as a systemd service. From Wireshark, it's sending each keystroke to a server in France using IRC. Tried accessing the server but the moron shut it down immediately. It's the last time I am fucking installing code from prebuilt binaries. If I can't build it from source then fuck off, you sniffing cunt. I was about to log into a database from that machine.
UPDATE: I found the actual file sending the keystrokes but it's binary. Anyone know how I can decode a binary file?
Yesterday the web site started logging an exception “A task was canceled” when making a http call using the .Net HTTPClient class (site calling a REST service).
Emails back n’ forth ..blaming the database…blaming the network..then a senior web developer blamed the logging (the system I’m responsible for).
Under the hood, the logger is sending the exception data to another REST service (which sends emails, generates reports etc.) which I had to quickly re-direct the discussion because if we’re seeing the exception email, the logging didn’t cause the exception, it’s just reporting it. Felt a little sad having to explain it to other IT professionals, but everyone seemed to agree and focused on the server resources.
Last night I get a call about the exceptions occurring again in much larger numbers (from 100 to over 5,000 within a few minutes). I log in, add myself to the large skype group chat going on just to catch the same senior web developer say …
“Here is the APM data that shows logging is causing the http tasks to get canceled.”
Me: “No, that data just shows the logging http traffic of the exception. The exception is occurring before any logging is executed. The task is either being canceled due to a network time out or IIS is running out of threads. The web site is failing to execute the http call to the REST service.”
Several other devs, DBAs, and network admins agree.
The errors only lasted a couple of minutes (exactly 2 minutes, which seemed odd), so everyone agrees to dig into the data further in the morning.
This morning I login to my computer to discover the error(s) occurred again at 6:20AM and an email from the senior web developer saying we (my mgr, her mgr, network admins, DBAs, etc) need to discuss changes to the logging system to prevent this problem from negatively affecting the customer experience...blah blah blah.
FRACKing female dog!
Good news is we never had the meeting. When the senior web dev manager came in, he cancelled the meeting.
Turned out to be a hiccup in a domain controller causing the servers to lose their connection to each other for 2 minutes (1-minute timeout, 1 minute to fully re-sync). The exact two-minute burst of errors explained (and proven via wireshark).
People and their petty office politics piss me off.
Had a discussion with a developer about security. His software transfers all user data (password and files) unencrypted, so anyone can grab them with wireshark. I told him that this is a severe issue. He said no, it's no problem because if you get hacked it's your own fault, because you probably used an insecure network. NO! YOU FUCKING MALADJUSTED SHEEP-MOLESTING OBJECT OF EXECRATION, YOU SHOULD ALWAYS ENCRYPT SENSITIVE USERDATA NO MATTER WHAT NETWORK YOU USE. FUCKING KILL ME ALREADY.
Not implementing encryption is one thing but then acting like it's no problem is a fucking nother one. Why do people not understand that security of userdata is important???
You write code.
A strange issue prevents you from proceeding further.
Try one fix. Fails.
Try another Fix. Fails.
Try fix #28. Fails.
You decide to ask for help in the support forum.
You start writing your post, mentioning everything you've tried so far. You feel your social anxiety and fear the humiliation of being told "because you didn't try X, you idiot". Then you come up with an idea for fix #29.
(fix #29 normally involves Wireshark or similar low-level inspection tool)
Try fix #29. It succeeds :)
Someone should make a messaging app called the "insecure messenger"
Its main purpose would be to be the opposite of something like signal or riot.im
The app would let you message your friends. But it would transmit messages over plaintext using http.
Then there would be a second screen that shows a basic Wireshark (or tshark) output so that you can see your plaintext messages being sent and received.
But of course.. someone would download the app without understanding what they are doing and get their shit hacked..
I was learning about packets and I was trying pirni (like Wireshark for iPhone) on my local network. I found a packet of my roommate's about a recipe for a fancy dish
me: *enters the kitchen* Bro you need to see this I got this sick recipe of $fancyDish that I really wanna try
le roommate: THERE'S NO WAY ARE YOU FREAKING KIDDING
I know it's wrong to spy on people's traffic but it was worth it hahaha
I broke into a hotel's WiFi. So here's the setup
They have a main router (TP-Link) which they use for official purposes, then they connected the main router to a MikroTik router for guests.
I got a glimpse of the software they use for accommodation, billing etc. It runs on a PHP stack, maybe MySQL too, and some IP I can't remember now. I can use wireshark to sniff the packets. Basically, should I tell the office of this hotel about the security? Or just let it go.
P.S: Guys you know I'm visiting my gf but I've got some time for myself as she had something to do. So you know I'm not using my laptop when I'm with her.
A huge new hospital opened up.
it looks very modern and nice, lots of new doctors and facilities.. but..
Why is everything wireless?!
everything's connected to different APs across the hospital!
Receptionist's pc? has a wifi adaptor sticking out to the side.
in-patient's smart tvs? Wireless, connected to their own ap
conveniently enough, the SSIDs were labeled with where they were being used and didn't bother to hide it
"Office A" "Smart TVs" "DB".
now I'm not saying wireless is bad, it's convenient! but why make everything in the building connect wirelessly.
any kid who's feeling naughty could do:
aireplay-ng -0 0 [BSSID] wlan[#]
and it's good bye connectivity.
or maybe flip put wireshark or any kind of sniffer.
i don't wanna have to come here for surgery only to find out the machine's wireless too.
imagine it stopping halfway through your surgery.. Yikes..
TLDR: Find a website that requires a subscription but doesn't check their cookies' integrity, now I'm on a website for free.
>wonder if it's possible to intercept browser data
>find that none of these really fit me
>go to youtube, search how to intercept POST data
>find something called BurpSuite
>Totally what I was looking for
>start testing BurpSuite on devrant
>I can see all the data that's being passed around
>wonder if I can use it on a website where my subscription recently ended.
>try changing my details without actually inputting anything into the website's form
>send the data to the server
>refresh the page
>Huh what's this?
>must be a userID
>increment it by 1 and change some more details
>refresh the page
>didn't work 😐
>Hmmm, let's try forwarding the data to the browser after incrementing the uid
>can see the details of a different user
>except I see his details are the details I had entered previously
>begin incrementing and decrementing the uid
>realize that the uid is hooked up to my browser's local cookie
>can see every user's details just by changing my cookie's uid
>Wonder if it's possible to make the uid persistent without having to enter it in every time
>look up cookie manipulator
>go back to website
>examine current uid
>it's my uid
>change it to a different number
>refresh the webpage
>IT FUCKING WORKED
>MFW I realize this website doesn't check for cookie integrity
>MFW I wonder if there are other websites that are this fucking lazy!!!
>MFW they won't fix it because it would require extra work.
>MFuckingFW they tell me not to do it again in the future
>realize that since they aren't going to fix it I'll just put myself on another person's subscription.
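The missing check in the rant above, as an added example (not part of the original post, and not the site's code): the server attaches an HMAC tag to the uid it issues and takes the uid for every lookup from the verified cookie only. `SERVER_KEY`, `PROFILES`, the cookie layout and all function names are assumptions made for this sketch.

```python
import base64
import hashlib
import hmac
import secrets

# Assumption: one server-side secret per deployment (generated here for the demo).
SERVER_KEY = secrets.token_bytes(32)

# Constructed sample data standing in for the site's user table.
PROFILES = {1041: "alice (subscribed)", 1042: "bob (expired)"}


def _tag(payload: bytes, key: bytes) -> str:
    digest = hmac.new(key, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode()


def issue_cookie(uid: int, key: bytes = SERVER_KEY) -> str:
    """Return '<uid>.<tag>', where tag = HMAC-SHA256(key, uid)."""
    return f"{uid}.{_tag(str(uid).encode(), key)}"


def verify_cookie(cookie: str, key: bytes = SERVER_KEY):
    """Return the uid only if the tag matches; otherwise None."""
    uid_part, sep, tag_part = cookie.partition(".")
    if not sep or not (uid_part.isascii() and uid_part.isdigit()):
        return None
    expected = _tag(uid_part.encode(), key)
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag_part.encode(), expected.encode()):
        return None
    return int(uid_part)


def load_profile(cookie: str):
    """Handler sketch: the uid comes from the verified cookie, nothing else."""
    uid = verify_cookie(cookie)
    if uid is None:
        return 401, None
    return 200, PROFILES.get(uid)


def demo():
    """Compare an untouched cookie with one whose uid was edited client-side."""
    cookie = issue_cookie(1042)
    uid, tag = cookie.split(".", 1)
    edited = f"{int(uid) - 1}.{tag}"  # uid changed, old tag kept
    return load_profile(cookie), load_profile(edited)


if __name__ == "__main__":
    print(demo())
```

A tag over the uid alone never expires; production sessions usually also bind an expiry into the signed payload, or use an opaque random session ID that is looked up server-side.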
A few years ago I was in high school and used to have a small reputation of hacking things. I could hack, just would never hack any school networks or systems (reputation + notice that there was a breach is a bad combo since everyone would immediately suspect you).
Anyways one day the network's internet connection went down in the school district and I was the only one who used a laptop to take notes. So I quickly opened the terminal and ran Wireshark and said to the person to my right "see that button there? yeah I programmed this last night. anytime I press it I can shut down the network so the teacher can't reach her files (she famously only saved them online). *Long dramatic press* Wireshark started scanning the network so all the numbers and lines were going crazy as it viewed the packet info "Now just wait", soon the whole class knew what I had done through whispers and lo and behold a few minutes later and the teacher couldn't reach her files.
Everyone loved me for the rest of the year for saving them from the homework for the week the wifi network was out since it also ended up having to cancel two tests in the class, and a lot more homework and tests in all their other classes. Solidified my reputation and no one fucked with me from that day on.
It's a very difficult choice for me. I use many open source things on a daily basis.
Running WireShark to see what one of our partners is sending across.
Outdated TLS: Ok, that's par for the course.
Leaking data through DNS queries: ButWhy.jpg
Website leaked through DNS doesn't require auth to view information. TableFlip.jpg
Some kid keeps asking me how to session hijack. I keep telling him there's no point if:
A. You're not on the same network as him / her (I'm sure there are exceptions to this but normally you'd have to be on the same network)
B. The connection is encrypted
He doesn't understand either of those things. Not to mention it's illegal unless you're given consent.
Ok, I didn't know that Wireshark on Windows can fuck-up your network routing :D Try to send anything to 255.255.255.255 broadcast and see that nothing happens, yay :D
Requests to a soap server were failing randomly. In order to contact the API provider, I tried to provide a curl example with the same payload and the error response. Yet when sending the payload over curl, the request worked just fine. When my application was building the request, it failed.
What. The. Fuck.
I checked and double-checked the request body and headers. They were identical.
Of course, no error response was returned by the API provider and, of course, they could not tell me what error I caused in my request.
So I created a basic dummy server, installed wireshark and compared the payload when sending a request from my application and from curl to my dummy server.
It turns out: curl, if called in a certain way, automagically strips out newlines. The soap client kept them.
So that shitty soap server crashed due to newlines in the message body!
Stripping out the newlines was rather easy.
Shame on you, your house, and entire family for letting it crash due to them!
Fucking MQTT, go suck some dicks! Can't get that piece of shit to work, sending connect and publish works like a charm but somehow I won't get an acknowledge message which means the publish doesn't go through!
On the bright side: another opportunity to fire up wireshark and compare my software to other tools.
Anyone experienced with MQTT or thingstream.io?
P.s. their support also can go and choke on some dicks!
Spending the whole day to find out why this old AngularJs crap does return status -1 instantly after PUTting. Still no idea. Fiddler, Wireshark, nothing helps (so it's sure to say it doesn't even fire).
This sucks balls...
Recently I have had to help our support team handle a variety of embedded development support tickets for a product line that is quite complex in nature. It is really starting to become frustrating how common it is that the so-called “developers” that are using this product are so incompetent at requesting help in a proper/sane way. It is even more frustrating that some of these schmucks start acting up and stating bullshit statements like (paraphrasing) “OMG we have a ‘big opportunity’ and a deadline to meet”, “you need to help us faster”. These are also the same guys that are like “I know you have a free SDK that does everything correctly, but I want to write my own ‘pro’ driver written in my own ‘dumbass code style’. Oh and I am not going to follow documentation and not implement required functions and make you read my god awful code snippets to find out what I did wrong instead of reading the docs or comparing against the SDK.”
To anyone that behaves this way...fuck you! Just stop. Stop being a developer altogether. If your “opportunity” is so important, why the fuck are you half-assing your support ticket? Why are you making it SO DAMN DIFFICULT for someone to help support you! Give as much info as possible to prove your point or provide context to the problem you are having. In the majority of these tickets the dumbasses don’t even consider that relaying the product’s firmware version is relevant information, that a Wireshark (and/or logic analyzer) capture can be very useful to provide context to the type of operation being performed. Code snippets can be nice but only if there is sufficient context. We have had to ask one guy 3 times already for the FW version...what the flipping hell is wrong with you?!
Ug...I feel sorry for Support/FAEs sometimes. Dealing with customer bullshit drives me nuts and it's a shame this stuff happens in a sector that should know better...Please don’t be like these devs. If you make a half-assed request it is only reasonable to expect a half-assed response and nothing more.
Just been in an underground. Guy walks past. Half closed HP laptop in hand. And what do I see on the bottom of the screen. A distinctive red bar with some yellow. Looked a lot like wireshark to me. I left the train, but I wonder why he sniffed.
I want to start learning to write a simple game server emulator in C#. The game works over LAN but it gets disconnected from LAN when the internet drops, so some sort of keepalive is implemented. I can copy the files to another device and it works online without a login etc, so there is no online authentication, but as soon as the internet drops the LAN game goes down too, so I need to emulate the online update server or something like that to prevent that from happening. (spotted with Wireshark etc)
I don't have much experience, just created a simple tcp client/server console app, but in this case I of course will only need a server one in combination with custom dns. Any tips on where to start? Does someone have an example game server emulator? or update server emulator?
Does anybody know if there's a tool for parsing protobuf using live Network capture? I basically want to be able to pass profiles into something like Wireshark and get a live request response cycle
Are there any sysadmins here who know how to deal with ddos attacks properly? I can even offer pay. Situation is that I launched my java app (gameserver) on linux debian and configured iptables to allow only specific ips. Basically I made only 1 port open for loginserver and if a player logs into loginserver it adds his ip to iptables so he's able to proceed to gameserver. However I am still receiving massive up to 900MB/s attacks for example: http://prntscr.com/q3dwe8
It appears that even if I left only one port open, I still can't defend against ddos attacks. I made some captures with tcpdump and analyzed them on wireshark but to be honest I can't really tell what I'm looking at.
I am using OVH which is supposed to be ddos protected but maybe I messed up during iptables configuration, I'm not sure.
Can anyone help?
To be fair, I wonder if for a future job where I get to contact clients by phone, or even before, I could make a workaround using my phone plugged to my computer, with Wireshark or something in the background intercepting calls, and identifying and btfo of scammers and phone surveys wasting everyone's time.
Idgaf if it's too ambitious, I wanna find out for myself, even more when I get a call now.