Jump to content

Can U Sniff Xbl Packets


theyettihunta
 Share

Recommended Posts

I haven't tried sniffing Xbox traffic yet, but its an interesting idea. But I am pretty certain some of its traffic would be encrypted.

You could find it out by running wireshark on a PC and if you have a switch that is capable of port mirroring, you could mirror your Xbox Ethernet port and send all its traffic to your computer.

Link to comment
Share on other sites

@theSuperman I do mean username and password and i as well assumed that it would be encrypted.

My question is ;

1. Are the credentials in the traffic?

2. is there anyway to decrypt it?

I am pretty certain the credentials will be encrypted. Secondly, decrypting the credentials will be a challenging task, since you will need to know what encryption type/method was used to encrypt your credentials in the first place.

On a side note, your credentials would most likely be stored somewhere else besides the Xbox itself, unless you set it to remember, but even if the Xbox remembers your credentials it would definitely be encrypted, which would be back to square one.

Anyway, just some of my thoughts.

Edited by Infiltrator
Link to comment
Share on other sites

My guess is that the XBox would transmit via SSL in which case you could probably use SSLstrip to get the cleartext packet data however from there the username and password itself would probably be encrypted, going off of other Microsoft products it's a reasonable guess that it would be in NTLM which these days is not as secure as it once was.

Link to comment
Share on other sites

My guess is that the XBox would transmit via SSL in which case you could probably use SSLstrip to get the cleartext packet data however from there the username and password itself would probably be encrypted, going off of other Microsoft products it's a reasonable guess that it would be in NTLM which these days is not as secure as it once was.

That's why there is already NTLM V2

Link to comment
Share on other sites

I wonder if you can SSL strip the login process? Is it straight SSL? What about spoofing the xbox login site it posts to, do a wired setup between the xbox and desktop with a crossover cable and then internally on the desktop set up a fake domain or hosts file redirect to localhost or VM IP address for the site it tries to reach and impersonate the site with something like a IIS Virtual machine. See what kind of data you can get out of the xbox and what you can force it to tell you in the process. Maybe even use some kind of self signed/forged certificate, see if the xbox cares.

I did something similar when I first got my wifes Windows 7 box and we tried to figure out why we couldn't get online with it. It wasnt that she couldn't get online, but it was that the way windows 7 is setup, it tries to ping a certain site for DNS resolution, and then access a specific page on the site. If DNS is down or site is down, then windows would not load any web pages for some reason and always tell you they timed out, but trace routes and pings showed the sites could be reached. It was some weird stuff I blogged about a while back, but through a wireshark capture I was able to see where it was trying to go and what it was requesting. I in turn setup a local web server and redirected traffic from her machine to my box and in the process was able to spoof the MS site and then get online.

You can read more about it here: http://www.twistedpairrecords.com/blog/200...ctivity-issues/

I'm not sure how you would implement any of this, but just some ideas to throw out there, might be able to spoof the xbox into giving up the creds.

Link to comment
Share on other sites

That's a very nice theory Digip I might try that on my Xbox at home to see what kind of results I get.

Link to comment
Share on other sites

@theSuperman I do mean username and password and i as well assumed that it would be encrypted.

My question is ;

1. Are the credentials in the traffic?

2. is there anyway to decrypt it?

There is no username/password for Xbox Live. Your gamertag is tied to your email address and a password (mine is my Live account). Your profile is only allowed on one device at a time. The only time you enter those is to recover(download) your gamertag. I doubt the console stores the email address/password on the device and uses that to login. Plus, if you were to figure out the email address and password for someone elses account, it would be pointless to download that onto your console, since they will know the next time the login to theirs (it wont let them sign onto Xbox Live.

Link to comment
Share on other sites

Yes I am aware of all this.

But when i sign into my account xbox doesn't do an auto verification of the email?

I would think that it would have to to get access to my account

I was thinking that when you download your gamertag in a gt recovery it was for gamerscore, credit card info, and avatars and such not just so it can auto login.

Link to comment
Share on other sites

Yes I am aware of all this.

But when i sign into my account xbox doesn't do an auto verification of the email?

I would think that it would have to to get access to my account

I was thinking that when you download your gamertag in a gt recovery it was for gamerscore, credit card info, and avatars and such not just so it can auto login.

My Gamer Profile is 11 megabytes, which would be quite large for just gamerscore, CC info, etc.

Link to comment
Share on other sites

[/quote

So what are you suggesting fills that space?

My gamertag is only 2mb

Well, I have my 360 at my apartment. Before the update that allowed USB drives to be used as memory cards, I would have to recover my gamertag when I went over to friends places. When I would get back to my apartment, I couldnt sign into my profile until I recovered my gamertag on my home console.

I postulate that it is like a private key to sign in. When you recover your gamertag via Xbox Live and download it to a new console, the old key is disabled and you are given a new one.

Anyway, that is pure speculation.

Link to comment
Share on other sites

So what your saying is this key would replace the credentials

Well it is pure speculation on my part. What you can do is attempt to recover a gamertag and after you enter in the email address + password, check to see what packets are sent. I doubt the email address+password would be sent plaintext...but you never know.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...