DeepSec 2018 Talk: Mapping and Tracking WiFi Networks / Devices without Being Connected – Caleb Madrigal

Sure, WiFi hacking has been around for a while, and everyone knows about tools like airmon-ng, Kismet, et al. But what if you just want to view a list of all networks in your area along with all the devices connected to them? Or maybe you want to know who’s hogging all the bandwidth? Or what if you want to know when a certain someone’s cell phone is nearby? Or perhaps you’d like to know if your Airbnb host’s IP Camera is uploading video to the cloud?

For all these use-cases, I’ve developed a new tool called “trackerjacker”. In this talk we’ll use this tool to explore some of the surprisingly informative data floating around in radio space, and you’ll come away with a new skill or two adding to your radio hacking skill tree, as well as a new magical weapon… I mean tool.

We asked Caleb a few more questions about his talk.

Please tell us the top 5 facts about your talk.

  1. You’ll learn how easy it is to track people or be tracked yourself.
  2. You’ll learn the scary amount of information leaked by encrypted wifi networks.
  3. You’ll learn how you can detect when nearby wireless security cameras detect motion (even if they are not your cameras, and even if you aren’t on the same wifi network).
  4. You’ll learn about a new WiFi hacking tool.
  5. You’ll learn more about how WiFi works.

How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?

My initial problem was that I was trying to get my security alarms to turn on if one of my security cameras detected motion, but the camera and security system didn’t speak to one another. From this problem, I developed the trackerjacker tool. In other words, I way over-solved my particular problem 🙂

Why do you think this is an important topic?

IoT stuff is continually growing in popularity, and IoT devices are being used for more and more important things. Many IoT devices work over wifi, and all of those are susceptible to some of the problems I’ll be addressing in this talk. There are serious implications regarding your privacy and security here.

Is there something you want everybody to know – some good advice for our readers maybe?

Encrypted wifi leaks surprisingly interesting information, regardless of encryption algorithm or security mode.

A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?

What would be concerning is if an attacker could weaponise some of these techniques – especially if they were able to remotely infiltrate wifi devices (like IoT devices) and use them to launch such attacks.

 

Caleb is a programmer who enjoys hacking and mathing. He is a member of the Mandiant/FireEye advanced research team, where he researches and builds sweet incident response software. Lately he’s mostly been hacking with Python, Jupyter, C, and Machine Learning. Though only recently getting into it professionally, Caleb has been into security for a while – in high school, he wrote his own (bad) cryptography and steganography software. In college, he did a good bit of “informal pen testing”. These days, he has fun doing a lot of Radio/Wireless hacking, and using Machine Learning/Math to do cool security-related things.

Tags: , , , , , , ,

Leave a Comment