Assuming you’re using a real computer which runs Mac OS X-
- Download EtherPEG
- Open Terminal.app, type:
sudo chmod 777 /dev/bpf*
This enables promiscuous access to Ethernet devices.
- Then type:
ifconfig -a
to figure out if your wireless card is on en0 or en1. (Most Macs should use en1)
- Load the correct version of EtherPEG depending on what network interface is wireless. (EtherPEG (en1).app for my computer.)
- Connect to MetroFi-Free if you’re not already.
You should see a series of dots rolling across the bottom of the screen indicating network activity. If you have another device you can get on the MetroFi-Free network, pull up a web site using it. For this example, I’m connected to MetroFi-Free on my iPhone and I navigated to http://www.napersun.com/
And like magic, on my Mac Mini…
(Click for full size.)
Creepy, huh? EtherPEG only seems to run successfully on my PowerPC Mac Mini, and wants nothing to do with intercepting traffic on my Intel MacBook Pro… So unless you’re rocking an older pre-Intel Mac, this might not work for you. (Hey, the program itself is close to ten years old.) Either way, this is nothing more than a fraction of what is possible when it comes to exploiting an unencrypted wireless network.
September 17th, 2007 at 6:12 pm
To encourage safe use of MetroFi’s open-access free Wi-Fi networks, we recommend users take some preventative and protective measures as they surf the Web. In fact, we recently published a two-part article series on this topic with helpful information and links to some free online security resources:
Tips for Staying Safe on MetroFi Networks
http://www.metrofi.com/chunk-62.html
FREE Online Security Tools
http://www.metrofi.com/chunk-78.html
Please note: Online security risks aren’t limited to wireless Internet connections, and apply to any online connection.
November 9th, 2007 at 1:07 pm
EtherPEG, fresh download, 100% fail so far on a dual core CPU Macintosh Mini running OSX 10.4.10
Have tried the chmod trick, sudo, and even downloading the proper libpcap and recompiling the thing. Firewall’s always been off (no inbound services running). No results whatsoever, and no packets logged either.
Possibilities I’m going to look at are that its not seeing the WiFi as being ethernet due to something simple and stupid like needing a new device ID, the packets are never even processed thru libpcap to begin with (ouch), or something else is still misconfigured on my end.