tag:blogger.com,1999:blog-38564685.post6473892879611933238..comments2024-03-29T07:06:38.438+08:00Comments on 電腦玩物: FaceNiff 單鍵駭進無線網路中未開啟 HTTPS 設定的Facebook帳戶Esor Huanghttp://www.blogger.com/profile/10426807330996372963noreply@blogger.comBlogger25125tag:blogger.com,1999:blog-38564685.post-47944145884635434922013-02-19T23:29:14.070+08:002013-02-19T23:29:14.070+08:00That is really interesting, You are an overly skil...That is really interesting, You are an overly skilled blogger.<br />I have joined your rss feed and stay up for seeking more of your great post.<br />Additionally, I have shared your website in my social networks<br /><br />my web page :: <a href="https://zulutradezulutrade.jux.com/926038" rel="nofollow">zulutrade</a>Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-10162382063853649392011-07-05T17:24:23.467+08:002011-07-05T17:24:23.467+08:00當然是不合法的,所以才只有教大家防範方法囉當然是不合法的,所以才只有教大家防範方法囉Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-84965415679127895352011-07-05T13:57:14.181+08:002011-07-05T13:57:14.181+08:00這是合法的嗎?這是合法的嗎?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-23896542531234351362011-06-19T18:25:15.879+08:002011-06-19T18:25:15.879+08:00感謝分享~~感謝分享~~Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-61014413704528845162011-06-19T15:47:06.809+08:002011-06-19T15:47:06.809+08:00其實電腦上也有Wireshark等軟件,使用上也好容易,http://computer.iprola...其實電腦上也有Wireshark等軟件,使用上也好容易,http://computer.iprolab.com/556/very-simple-very-dangerous-sniffer-http-connection-password-taking-demonstration ,真的極之危險!iProLabhttp://iprolab.comnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-62694762095882490772011-06-15T13:36:04.347+08:002011-06-15T13:36:04.347+08:00安全還是相對重要的安全還是相對重要的Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-66685419938281482632011-06-15T11:09:46.639+08:002011-06-15T11:09:46.639+08:00但是FB設定https之後,用google的瀏覽器擴充功能很多就不能用了但是FB設定https之後,用google的瀏覽器擴充功能很多就不能用了Nanominthttp://www.ukbrand.orgnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-42173834592109738912011-06-05T06:47:02.630+08:002011-06-05T06:47:02.630+08:00感謝說明,這邊確實打錯了感謝說明,這邊確實打錯了Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-57028165875969452412011-06-04T22:42:01.826+08:002011-06-04T22:42:01.826+08:00"就算無線網路環境已經使用WEP、WAP、WAP2加密,..."
WAP應為誤植..."就算無線網路環境已經使用WEP、WAP、WAP2加密,..."<br />WAP應為誤植,正確應該是WPA及WPA2<br /><br />另外WEP已被證實有設計上的缺陷,極易被破解<br />在外或在家自行設定無線網路時,最好選用WPA/WPA2.Kevinhttps://www.blogger.com/profile/17506252997851182404noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-85459109404270072032011-06-04T05:45:10.095+08:002011-06-04T05:45:10.095+08:00感謝你的回答^^感謝你的回答^^Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-44221122911320957212011-06-04T00:29:38.834+08:002011-06-04T00:29:38.834+08:00Facebook如果改用SSL加密連線
理論上這種偷帳號的手法就沒用了
除非你能hack SSL證書...Facebook如果改用SSL加密連線<br />理論上這種偷帳號的手法就沒用了<br />除非你能hack SSL證書<br />SSL加密連線的缺點是沒有頁面快取功能(cache)<br />Facebook瀏覽上會變得比一般瀏覽還要慢上一點Lawliethttps://www.blogger.com/profile/10973650840951262053noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-40001564895319282312011-06-03T23:53:12.204+08:002011-06-03T23:53:12.204+08:00其實這點我也不確定當勾選強制HTTPS後
假如第一次從HTTP網址做登入,是不是當下的帳密傳遞就有...其實這點我也不確定當勾選強制HTTPS後<br /><br />假如第一次從HTTP網址做登入,是不是當下的帳密傳遞就有加密連線?<br /><br />歡迎知道的朋友提供解答Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-53847178767197460932011-06-03T16:16:08.702+08:002011-06-03T16:16:08.702+08:00那到底要不要推廣從 https://www.facebook.com/ 登入
網路上很多的介紹文只...那到底要不要推廣從 https://www.facebook.com/ 登入<br /><br />網路上很多的介紹文只會說從 http://www.facebook.com/Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-22865990618339230532011-06-03T14:53:48.071+08:002011-06-03T14:53:48.071+08:00應該很容易找到吧XD應該很容易找到吧XDEsor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-1861346596473631102011-06-03T12:53:47.861+08:002011-06-03T12:53:47.861+08:00唔....害我有點想去找 FaceNiff 下在玩玩看 XD唔....害我有點想去找 FaceNiff 下在玩玩看 XDAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-70419005862409650182011-06-03T09:49:51.327+08:002011-06-03T09:49:51.327+08:00如果是說"主要是因為Facebook的帳號跟密碼是以明碼的方式傳遞". 玩遊戲時...如果是說"主要是因為Facebook的帳號跟密碼是以明碼的方式傳遞". 玩遊戲時該不涉及密碼的傳遞. 至少那些遊戲跟程式不應能存取密碼. 但之間傳輸什麼其他資料. 又能不能截取.. =~=''Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-47666946627681416512011-06-03T05:28:31.529+08:002011-06-03T05:28:31.529+08:00忍一下,出門在外不要玩遊戲就好囉忍一下,出門在外不要玩遊戲就好囉Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-85562420802594421532011-06-03T01:17:44.601+08:002011-06-03T01:17:44.601+08:00facebook有些遊戲/程式沒https加密,使用時還是會出事的…facebook有些遊戲/程式沒https加密,使用時還是會出事的…鎖孔https://www.blogger.com/profile/00091310063966438592noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-15259290086382051912011-06-02T23:50:32.788+08:002011-06-02T23:50:32.788+08:00FaceNiff的設計者自己說如果使用HTTPS的話就無法抓取到控制權FaceNiff的設計者自己說如果使用HTTPS的話就無法抓取到控制權Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-21114744750657414632011-06-02T23:35:25.810+08:002011-06-02T23:35:25.810+08:00"主要是因為Facebook的帳號跟密碼
是以明碼的方式傳遞"
那如果用
htt..."主要是因為Facebook的帳號跟密碼<br />是以明碼的方式傳遞"<br />那如果用<br />https://www.facebook.com/ 來登入,該app是否就無法成功?? ( 抱歉,我沒有智慧型手機可以測試綠雨https://www.blogger.com/profile/06227800338359380950noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-19583603357199607442011-06-02T23:20:52.391+08:002011-06-02T23:20:52.391+08:00實際使用後,它只能擷取網域內的帳密
不是我先前所說的擷取封包片段
這個問題主要是因為Facebook...實際使用後,它只能擷取網域內的帳密<br />不是我先前所說的擷取封包片段<br />這個問題主要是因為Facebook的照號跟密碼<br />是以明碼的方式傳遞,透過封包擷取或側聽<br />其實很容易就辦到了<br /><br />之前有一個更有趣<br />直接掃描在地的wifi訊號<br />不必加入網域就可以偷Facebook帳號Lawliethttps://www.blogger.com/profile/10973650840951262053noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-47842438435907732222011-06-02T22:11:24.663+08:002011-06-02T22:11:24.663+08:00nice one, thanks for share!nice one, thanks for share!cyhnoreply@blogger.comtag:blogger.com,1999:blog-38564685.post-19422358253965478012011-06-02T22:07:23.416+08:002011-06-02T22:07:23.416+08:00這看起來像是獲取封包片段,進行拼湊的樣子
Skype也是可以用類似的方法達到破解這看起來像是獲取封包片段,進行拼湊的樣子<br />Skype也是可以用類似的方法達到破解Lawliethttps://www.blogger.com/profile/10973650840951262053noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-21757943033827952032011-06-02T21:26:14.967+08:002011-06-02T21:26:14.967+08:00不過那個軟體也無法獲取plurk的控制權限就是了不過那個軟體也無法獲取plurk的控制權限就是了Esor Huanghttps://www.blogger.com/profile/10426807330996372963noreply@blogger.comtag:blogger.com,1999:blog-38564685.post-62854985308810863912011-06-02T21:17:13.581+08:002011-06-02T21:17:13.581+08:00可惜Plurk沒有相關的設定可惜Plurk沒有相關的設定toppy368https://www.blogger.com/profile/04876586226778177270noreply@blogger.com