Jump to content

Sniffing Logon Details On Network


Manna732

Recommended Posts

I am really concerned over a relationship I have with my girlfriend. I suspect that she is cheating on me with a guy she met on Facebook called Daniel. I keep asking her for the truth but she swears she is faithful to me. I don’t want to be going out with a girl who is cheating on me, I cannot live like that.

I was wondering if there is a way to logon to her Facebook account to see if there are messages from Daniel on there. Alternatively, if I can logon to her Hotmail account, I can read her Facebook notifications and see if Daniel is talking to her. I can easily reset her passwords and force entry but then she would know it’s me that did that. She connects to Facebook via her mobile phone. She gets the internet connection over wi-fi from the router beside the main PC downstairs. This PC and network is controlled by me, I have encrypted it with WPA2 and I know all the details. Since I have control over the network, is there a way I can sniff her Facebook or Hotmail details out?

She never logs onto her Hotmail or Facebook on the PC, so I cannot install a keylogger, she only uses her phone. I am asking for some help here, and if this is not possible, I think I will have to end the relationship as I cannot live like this for much longer. I do not wish to cause her harm, or edit her accounts, I just want to know the truth!

Thanks for possible help and sorry if I am causing offence.

Link to comment
Share on other sites

What will you tell her when she asks if you accessed her facebook/email account without her consent?

If I find out she is not cheating on me then a huge amount of stress will be lifted from me. If this is true, she would not know I accessed her account. If I found out she is cheating on me, then I will admit I accessed her account and explain it was for good reason.

Link to comment
Share on other sites

LOL Snooping much lol,

But if you realy wanted to sniff her password, just boot up wire shark while shes on your network , or put a keylogger on your pc,

Just a reminder, "Its not illegal to key log your own pc " And its all so not illegal to access your pc that might just have her session cookie, " and didn't Realize you were on her face book page

digi

Edited by digimaori
Link to comment
Share on other sites

LOL Snooping much lol,

But if you realy wanted to sniff her password, just boot up wire shark while shes on your network , or put a keylogger on your pc,

Just a reminder, "Its not illegal to key log your own pc " And its all so not illegal to access your pc that might just have her session cookie, " and didn't Realize you were on her face book page

digi

As I said, she doesn't use the PC to logon, she uses her phone. When I start capturing on wireshark, I don't see anything relevant in terms of logon details. I need a guide if possible

So if you did some thing that was illegal and behind her back, it's ok because it's you and not her?

I don't understand, I just want to know the truth.

Well... it is if the intention is to steal other peoples passwords

All I want to do is login, check her messages and then logout.

Link to comment
Share on other sites

and she shouldn't know the truth about you stealing her account details?

Doesn't make it less illegal.

If you think it is respectable for me to tell her that I logged into her account whatever I find, then I will do this. If you aren't willing to help me, then ok :(

Link to comment
Share on other sites

Snooping won't fix your relationship. Nothing anyone here tells you will help your current situation. Even if you do get her Facebook info, what does that do for her besides make you look like a creep? What does that do for you besides confirm that you have trust issues with her (whether you are right or wrong)?I hate to tell you this, but if you have that big of a trust issue, just end the relationship. The next step in your relationship's path is both of you being disgruntled at each other and watching your relationship crumble piece by piece.

I know that is not what you wanted to read or hear, but it could be a lot worse than it is right now.

Link to comment
Share on other sites

I agree with mux.

That and the easiest thing would be to MITM between the router and modem. Fire up sslstrip + Wireshark and away you go.

But it is illegal... Wire tap.

The only way you could, from a legal standpoint, not have legal issues were to be if you have publicly posted via warning banner, so on so forth that traffic may be monitored.

Link to comment
Share on other sites

The only way you could, from a legal standpoint, not have legal issues were to be if you have publicly posted via warning banner, so on so forth that traffic may be monitored.

Only if the banner said "by using this connection you agree that you give the owner of the network full access to any and all accounts you may access while using this network". Even then I'm not sure it is legal.

Link to comment
Share on other sites

Only if the banner said "by using this connection you agree that you give the owner of the network full access to any and all accounts you may access while using this network". Even then I'm not sure it is legal.

I know the reverse situation ("Illegal use or connection to this network" or some other spin off) is enough to take someone to court. Not sure about the opposite though. I think there was a thread about 3 or 4 months ago about an IT manager in Canada that couldn't do it to their own company because it was against the law according to their lawyer. As far as the states go, I'm not sure which side of the legal fence this would land on. Banners have always been a gray area for the most part.

Link to comment
Share on other sites

Only if the banner said "by using this connection you agree that you give the owner of the network full access to any and all accounts you may access while using this network". Even then I'm not sure it is legal.

If you have a warning banner that states it, and they accept (by clicking OK and using the connection). It is legal. (Warning Banner)

Or if it's like a policy that is publicly accessible, and if it is worded properly it is legal as well. (Acceptable Use Policy)

That was what i was taught in my Digital Forensic's Criminal Law course.

I also just got home from the bar so don't take my word as text-gold. Laws are complicated by nature, but what I said is the jist of it.

Edited by Mr-Protocol
Link to comment
Share on other sites

If you have a warning banner that states it, and they accept (by clicking OK and using the connection). It is legal. (Warning Banner)

Or if it's like a policy that is publicly accessible, and if it is worded properly it is legal as well. (Acceptable Use Policy)

That was what i was taught in my Digital Forensic's Criminal Law course.

I also just got home from the bar so don't take my word as text-gold. Laws are complicated by nature, but what I said is the jist of it.

Laws are also country dependant, which makes it impossible to give a yes or no answer to "is this legal" type of questions. In some countries this would be illegal, even with a warning banner.

Also while the warning banner would possibly protect you when collecting the login credentials, the moment you used then to access their accounts on other networks you would be caught under Computer Misuse/fraud laws of most countries.

Link to comment
Share on other sites

Leon Walker handed over the emails to Clara's first husband who used them as part of a custody battle for his son.

That was his fuckup. If it is a shared home computer, whomever knows the admin password has rights over all the files.

I think if he didnt hand out her emails he wouldn't of been in such shit. Still trouble probably, but yeah.

Link to comment
Share on other sites

  • 2 weeks later...
Guest Deleted_Account

Logging in may be illegal but AFAIK she or anyone for that matter has no reason to expect privacy on a network or computer owned/operated by another person and as such you can log the data all you want but logging in is whole different situation. But since Facebook doesn't ssl message just wireshark and read them in plain Text.

Link to comment
Share on other sites

Guest Deleted_Account

Actually the intention for the logging may make it illegal depending on laws appropriate to your location. Logging for performance and security, fine. Logging for the purpose of stealing passwords, not fine.

That would probably be a very difficult thing to prove in court though. I could just say it was for performance and security and happened to log other information. But honestly if I where to do it I would do save everything to my encrypted HDD (Cascading algorithms and 64 Char. password) from my laptop with FDE. There would not be any proof as they couldn't access it anyways. for the really paranoid use a live disk and dont save anything even go as far as faking your MAC address.

It is a fine line though that is for sure.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...