Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Wi-Fiによるモダン ネットストーキング
Search
Akira KUMAGAI
August 24, 2013
Technology
0
1.8k
Wi-Fiによるモダン ネットストーキング
Akira KUMAGAI
August 24, 2013
Tweet
Share
More Decks by Akira KUMAGAI
See All by Akira KUMAGAI
Wi-Fiの混雑に向き合う基本的知識とオフィスWi-Fi提供時の課題
tinbotu
0
89
JANOG39会場ネットワークの裏話
tinbotu
0
360
Wi-Fi再入門〜見えない電波を知識で見抜く
tinbotu
71
160k
Other Decks in Technology
See All in Technology
Proxmox VE超入門 〜 無料で作れるご自宅仮想化プラットフォームブックマークする
devops_vtj
0
210
Amazon Q Developer 他⽣成AIと⽐較してみた
takano0131
1
130
チームの性質によって変わる ADR との向き合い方と、生成 AI 時代のこれから / How to deal with ADR depends on the characteristics of the team
mh4gf
4
350
Re:VIEWで書いた「Compose で Android の edge-to-edge に対応する」をRoo Codeで発表資料にしてもらった
tomoya0x00
0
170
17年のQA経験が導いたスクラムマスターへの道 / 17 Years in QA to Scrum Master
toma_sm
0
450
SSH公開鍵認証による接続 / Connecting with SSH Public Key Authentication
kaityo256
PRO
2
230
バクラクでのSystem Risk Records導入による変化と改善の取り組み/Changes and Improvement Initiatives Resulting from the Implementation of System Risk Records
taddy_919
0
230
「家族アルバム みてね」を支えるS3ライフサイクル戦略
fanglang
3
440
マルチアカウント管理で必須!AWS Organizationsの機能とユースケース解説
nrinetcom
PRO
1
110
ゆるくVPC Latticeについてまとめてみたら、意外と奥深い件
masakiokuda
2
110
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
20k
テキスト解析で見る PyCon APAC 2025 セッション&スピーカートレンド分析
negi111111
0
150
Featured
See All Featured
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
32
2.2k
Product Roadmaps are Hard
iamctodd
PRO
52
11k
Producing Creativity
orderedlist
PRO
344
40k
KATA
mclloyd
29
14k
BBQ
matthewcrist
88
9.5k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.4k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
45
9.5k
Into the Great Unknown - MozCon
thekraken
36
1.7k
Building Adaptive Systems
keathley
41
2.5k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
135
33k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
177
52k
Transcript
8J'JʹΑΔ Ϟμϯ ωοτετʔΩϯά Akira KUMAGAI @tinbotu 2013ՆٳΈࣗ༝ݚڀ
͋ͱͰσϞΛ͠·͢ • ݸਓΛಛఆՄೳͳใ͋Γ·ͤΜ • ؒతʹಛఆͷࡐྉʹͳΓಘΔ͔ • ಉҙ͍͚ͨͩͳ͍߹ WiFi σόΠεͷ ిݯΛ͍ͬͯͩ͘͞
σϞͷରʹͳΔΑ
WiFi ͷ͘͠Έ 1.ΫϥΠΞϯτ(ࢠػ) ͕ AP(ػ) Λ୳͢ 2.ΫϥΠΞϯτ͕ AP ͷҰཡΛදࣔ 3.Ϣʔβ͕
AP Λબ 4.ೝূ 5.ଓྃ
APҰཡΛදࣔ
Ϣʔβ͕APΛબ
ύεϫʔυೖྗ
ύεϫʔυೖྗ ॳճ͚ͩͩΖ
WiFi ͷ͘͠Έ(2) 1.ΫϥΠΞϯτ(ࢠػ) ͕ AP(ػ) Λ୳͢ 2.هԱ͍ͯ͠Δ AP͕͋Ε 3.هԱ͍ͯ͠ΔύεϫʔυͰೝূ 4.ଓྃ
WiFi ͷ͘͠Έ(2) 1.ΫϥΠΞϯτʢࢠػʣ͕ AP Λ୳͢ 2.هԱ͍ͯ͠ΔAP͕͋Ε 3.هԱ͍ͯ͠ΔύεϫʔυͰೝূ 4.ଓྃ શࣗಈ
͏গ͠ৄ͘͠
ػ͕ͳ͍ͱ ଓͰ͖ͳ͍
͕AP(ػ)ͷଘࡏΛΔํ๏2ͭ • AP͕ఆظ์ૹ͍ͯ͠ΔϏʔίϯ*1 • ΞΫςΟϒͳݕग़ཁٻ*2 *1 IEEE802.11 00/1000 Beacon Frame,
MAC(APͷBSSID), SSID, Capability, BI, TIM ͳͲΛಛఆͷνϟωϧʹͯ௨ৗ20ʙ500msִؒͰૹ৴ *2 IEEE802.11 00/0100 Probe Request, MAC(ͷMACΞυϨε), SSID(ۭͳΒϒϩʔυΩϟετ) ɹ IEEE802.11 00/0101 Probe Response, େମϏʔίϯͱಉ͡ใྔΛಛఆͷԠ
AP௨৴͕ͳ͍ͱ͖ ࣗͷSSIDͳͲΛఆظతʹ์ૹ͍ͯ͠Δ ͜ΕΛBeacon(Ϗʔίϯ) ͱݺͼ·͢
ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ ͕͋Ε AP ΛೝࣝͰ͖Δ IEEE802.11 Probe Request
ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ ͕͋Ε AP ΛೝࣝͰ͖Δ AP ݕग़ཁٻ (Probe Request) ʮAP ୭͔͍·͔͢ʯ
IEEE802.11 Probe Request
ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ ͕͋Ε AP ΛೝࣝͰ͖Δ AP ݕग़ཁٻ (Probe Request) ʮAP ୭͔͍·͔͢ʯ
AP ݕग़Ԡ (Probe Response) ʮ͍ɹԶͷ໊”MyHomeBuffalo”ʯ IEEE802.11 Probe Request
None
(ࢠػ)ϏʔίϯΛड৴͢Δ͔ɺ·ͨ ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ ͕͋Ε AP ΛೝࣝͰ͖Δ
(ࢠػ)ϏʔίϯΛड৴͢Δ͔ɺ·ͨ ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ ͕͋Ε AP ΛೝࣝͰ͖Δ ·ͨʁ
(ࢠػ)ϏʔίϯΛड৴͢Δ͔ɺ·ͨ ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ ͕͋Ε AP ΛೝࣝͰ͖Δ ݕग़ཁٻ(Probe Request)ͬͯԿΑ AP͕Ϗʔίϯग़ͯ͠Εଘࡏ͕Θ͔Δ͡ΌΜ ͍Βͳ͍ͷͰɻ ·ͨʁ
ݕग़ཁٻ͕ඞཁ!
ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ͍(ೋճҎ߱ͷଓͱ͔)
ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ͍(ೋճҎ߱ͷଓͱ͔) • WiFi νϟωϧ͕͍ͬͺ͍͋Δ͠ɺλΠ ϛϯά͕ѱ͍ͱϏʔίϯΛड৴Ͱ͖ͳ͍
ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ͍(ೋճҎ߱ͷଓͱ͔) • WiFi νϟωϧ͕͍ͬͺ͍͋Δ͠ɺλΠ ϛϯά͕ѱ͍ͱϏʔίϯΛड৴Ͱ͖ͳ͍ •
SSIDΛӅͯ͠ΔAPͦͦݟ͑ͳ͍
ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ͍(ೋճҎ߱ͷଓͱ͔) • WiFi νϟωϧ͕͍ͬͺ͍͋Δ͠ɺλΠ ϛϯά͕ѱ͍ͱϏʔίϯΛड৴Ͱ͖ͳ͍ •
SSIDΛӅͯ͠ΔAPͦͦݟ͑ͳ͍
SSID ໊ࢦ͠Ͱݕग़ཁٻ
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़Ԡ (Probe
Response) ʮ͍ʯ
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़Ԡ (Probe
Response) ʮ͍ʯ ͍
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़Ԡ (Probe
Response) ʮ͍ʯ ͍ ݕग़ϛεͳ͍
͍͚Ͳ
• ࢠػࣗͷډॴ͕Θ͔ͬͯͳ͍. AP͕ແ͍ͣͷॴͰ Probe Request ͢Δ
• ࢠػࣗͷډॴ͕Θ͔ͬͯͳ͍. AP͕ແ͍ͣͷॴͰ Probe Request ͢Δ • ҰଓهԱͤͨ͞Β͠Β͘ͷؒ Probe Request
Λૹग़͠ଓ͚Δ(࣮ґଘ)
ͨͱ͑౦ژʙതଟΛҠಈ͠·͢
ͨͱ͑౦ژʙതଟΛҠಈ͠·͢ ࣗͷAPʹର͢Δݕग़ཁٻ ՈΛग़ͨॠ͔ؒΒͯ͢ແବܸͪ ʢిͱ͔ͷແବ·͋ࠣͳʣ
SSID ໊ࢦ͠Ͱݕग़ཁٻ
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe
Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe
Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe
Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request)
SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe
Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ͜ͷiPhone͕͋ΒΏΔग़ઌͰ “MyHomeBuffalo”ͬͯͷΛཁٻͯ͠ΔΑ͏ͩ
࣮ࡍʹݟͯΈΑ͏
None
ࣗͷϊʔτPC(b8:f6:b1:14:fc:1b)͕ iis-visitor ͬͯͷΛ୳͍ͯ͠Δ
iis-visitor Ͳ͔͜ͷήετ༻WiFiͬΆ͍
iis-visitor Ͳ͔͜ͷήετ༻WiFiͬΆ͍ ଓ֮ͨ͑͋͠Δ
Probe Request ʹؚ·ΕΔ༰
Probe Request ʹؚ·ΕΔ༰ • ͷMACΞυϨε • ͕ଓͨ͜͠ͱͷ͋Δ AP ͷ ESSID
ʢෳ͔ʣ • APͷBSSID(MACΞυϨε)ؚ·Εͳ͍
None
None
͜ͷ"QQMFͷॴ༗ऀΪʔਫʹߦͬͨ͜ͱ ͕͋ͬͯTIJCVIPVTFʹߦͬͨ͜ͱ͕͋ͬͯ TJOBQʹߦͬͨ͜ͱ͕͋ͬͯUBLBOP͞Μͱ ໘͕ࣝ͋ΔͩΖ͏ɻ
͍
ετʔΩϯάͷԠ༻
ετʔΩϯάͷԠ༻ • શʹडಈ(passive)ͳετʔΩϯάͳͷͰɺ ଆͰ߈ܸݕ͕ෆՄೳ
ετʔΩϯάͷԠ༻ • શʹडಈ(passive)ͳετʔΩϯάͳͷͰɺ ଆͰ߈ܸݕ͕ෆՄೳ • WiFi ͕ಧ͘ൣғʹߦ͘ඞཁ͕͋ͬͯɺ ݫີʹωοτετʔΩϯά͡Όͳ͍
ετʔΩϯάͷԠ༻ • શʹडಈ(passive)ͳετʔΩϯάͳͷͰɺ ଆͰ߈ܸݕ͕ෆՄೳ • WiFi ͕ಧ͘ൣғʹߦ͘ඞཁ͕͋ͬͯɺ ݫີʹωοτετʔΩϯά͡Όͳ͍ • λʔήοτͷͷMACΞυϨε͕Θ͔Β
ͳ͍ͱ୭͕୭͔ͩΘ͔Βͳ͍
MACΞυϨεΛΔํ๏
MACΞυϨεΛΔํ๏ λʔήοτͷʹ৮͢Δඞཁ͕͋Δ… ͦΕ͕ແཧͳΒਪଌ͢ΔͷΈ
σϞ
None
ଞͷωλ • BSSID(MAC) ͔ΒҐஔใΛҾ͚ΔAPI • ESSID ͔Β BSSID Λਪଌ͠ Probe
Request ͔ΒͷաڈͷҐஔใΛਪ ଌ
๏తͳ • ి๏ ୈ59ʢൿີͷอޢʣ • Կਓ๏ʹผஈͷఆΊ͕͋Δ߹Λআ͘΄͔ɺಛఆͷ૬खํʹର͠ ͯߦΘΕΔແઢ௨৴ʢిؾ௨৴ࣄۀ๏ୈ4ୈ1߲ຢୈ164ୈ2߲ͷ ௨৴Ͱ͋ ΔͷΛআ͘ɻୈ109ฒͼʹୈ109ͷ2ୈ2߲ٴͼୈ3߲ʹ͓ ͍ͯಉ͡ɻʣΛडͯͦ͠ͷଘࡏए͘͠༰Λ࿙Β͠ɺຢ͜ΕΛ
༻ͯ͠ͳΒͳ͍ɻ
__END__