Wi-Fiによるモダン ネットストーキング

Transcript

1. 8J'J
   ʹΑΔ
   Ϟμϯ
   ωοτετʔΩϯά
   Akira KUMAGAI @tinbotu 2013ՆٳΈࣗ༝ݚڀ

2. ͋ͱͰσϞΛ͠·͢ • ݸਓΛ௚઀ಛఆՄೳͳ৘ใ͸͋Γ·ͤΜ • ؒ઀తʹ͸ಛఆͷࡐྉʹͳΓಘΔ͔΋ • ಉҙ͍͚ͨͩͳ͍৔߹͸ WiFi σόΠεͷ ిݯΛ੾͍ͬͯͩ͘͞

3. σϞͷର৅ʹͳΔΑ

4. WiFi ͷ͘͠Έ 1.ΫϥΠΞϯτ(ࢠػ) ͕ AP(਌ػ) Λ୳͢ 2.ΫϥΠΞϯτ͕ AP ͷҰཡΛදࣔ 3.Ϣʔβ͕

   AP Λબ୒ 4.ೝূ 5.઀ଓ׬ྃ

5. APҰཡΛදࣔ

6. Ϣʔβ͕APΛબ୒

7. ύεϫʔυೖྗ

8. ύεϫʔυೖྗ ॳճ͚ͩͩΖ

9. WiFi ͷ͘͠Έ(2) 1.ΫϥΠΞϯτ(ࢠػ) ͕ AP(਌ػ) Λ୳͢ 2.هԱ͍ͯ͠Δ AP͕͋Ε͹ 3.هԱ͍ͯ͠ΔύεϫʔυͰೝূ 4.઀ଓ׬ྃ

10. WiFi ͷ͘͠Έ(2) 1.ΫϥΠΞϯτʢࢠػʣ͕ AP Λ୳͢ 2.هԱ͍ͯ͠ΔAP͕͋Ε͹ 3.هԱ͍ͯ͠ΔύεϫʔυͰೝূ 4.઀ଓ׬ྃ શࣗಈ

11. ΋͏গ͠ৄ͘͠

12. ୺຤͸਌ػ͕ͳ͍ͱ ઀ଓͰ͖ͳ͍

13. ୺຤͕AP(਌ػ)ͷଘࡏΛ஌Δํ๏͸2ͭ • AP͕ఆظ์ૹ͍ͯ͠ΔϏʔίϯ*1 • ΞΫςΟϒͳݕग़ཁٻ*2 *1 IEEE802.11 00/1000 Beacon Frame,

    MAC(APͷBSSID), SSID, Capability, BI, TIM ͳͲΛಛఆͷνϟωϧʹͯ௨ৗ20ʙ500msִؒͰૹ৴ *2 IEEE802.11 00/0100 Probe Request, MAC(୺຤ͷMACΞυϨε), SSID(ۭͳΒϒϩʔυΩϟετ) ɹ IEEE802.11 00/0101 Probe Response, େମϏʔίϯͱಉ͡৘ใྔΛಛఆͷ୺຤΁Ԡ౴

14. AP͸௨৴͕ͳ͍ͱ͖΋
    ࣗ෼ͷSSIDͳͲΛఆظతʹ์ૹ͍ͯ͠Δ ͜ΕΛBeacon(Ϗʔίϯ) ͱݺͼ·͢

15. ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ౴ ͕͋Ε͹ AP ΛೝࣝͰ͖Δ IEEE802.11 Probe Request

16. ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ౴ ͕͋Ε͹ AP ΛೝࣝͰ͖Δ AP ݕग़ཁٻ (Probe Request) ʮAP ୭͔͍·͔͢ʯ

    IEEE802.11 Probe Request

17. ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ౴ ͕͋Ε͹ AP ΛೝࣝͰ͖Δ AP ݕग़ཁٻ (Probe Request) ʮAP ୭͔͍·͔͢ʯ

    AP ݕग़Ԡ౴ (Probe Response) ʮ͸͍ɹԶͷ໊͸”MyHomeBuffalo”ʯ IEEE802.11 Probe Request
18. None

19. ୺຤(ࢠػ)͸ϏʔίϯΛड৴͢Δ͔ɺ·ͨ͸
    ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ౴ ͕͋Ε͹ AP ΛೝࣝͰ͖Δ

20. ୺຤(ࢠػ)͸ϏʔίϯΛड৴͢Δ͔ɺ·ͨ͸
    ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ౴ ͕͋Ε͹ AP ΛೝࣝͰ͖Δ ·ͨ͸ʁ

21. ୺຤(ࢠػ)͸ϏʔίϯΛड৴͢Δ͔ɺ·ͨ͸
    ݕग़ཁٻΛੵۃతʹૹ৴͠ɺAP͔ΒͷԠ౴ ͕͋Ε͹ AP ΛೝࣝͰ͖Δ ݕग़ཁٻ(Probe Request)ͬͯԿΑ AP͕Ϗʔίϯग़ͯ͠Ε͹ଘࡏ͕Θ͔Δ͡ΌΜ ͍Βͳ͍ͷͰ͸ɻ ·ͨ͸ʁ

22. ݕग़ཁٻ͕ඞཁ!

23. ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ଎͍(ೋճ໨Ҏ߱ͷ઀ଓͱ͔)

24. ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ଎͍(ೋճ໨Ҏ߱ͷ઀ଓͱ͔) • WiFi ͸νϟωϧ͕͍ͬͺ͍͋Δ͠ɺλΠ ϛϯά͕ѱ͍ͱϏʔίϯΛड৴Ͱ͖ͳ͍

25. ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ଎͍(ೋճ໨Ҏ߱ͷ઀ଓͱ͔) • WiFi ͸νϟωϧ͕͍ͬͺ͍͋Δ͠ɺλΠ ϛϯά͕ѱ͍ͱϏʔίϯΛड৴Ͱ͖ͳ͍ •

    SSIDΛӅͯ͠ΔAP͸ͦ΋ͦ΋ݟ͑ͳ͍

26. ݕग़ཁٻ͕ඞཁ! • ܨ͍͗ͨSSID͕طʹΘ͔ͬͯΔͳΒɺͦͷ SSIDΛ໊ࢦ͠Ͱݕग़ཁٻͨ͠΄͏͕ᴴ͔ʹ ଎͍(ೋճ໨Ҏ߱ͷ઀ଓͱ͔) • WiFi ͸νϟωϧ͕͍ͬͺ͍͋Δ͠ɺλΠ ϛϯά͕ѱ͍ͱϏʔίϯΛड৴Ͱ͖ͳ͍ •

    SSIDΛӅͯ͠ΔAP͸ͦ΋ͦ΋ݟ͑ͳ͍

27. SSID ໊ࢦ͠Ͱݕग़ཁٻ

28. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ

29. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़Ԡ౴ (Probe

    Response) ʮ͸͍ʯ

30. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़Ԡ౴ (Probe

    Response) ʮ͸͍ʯ ͸΍͍

31. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़Ԡ౴ (Probe

    Response) ʮ͸͍ʯ ͸΍͍ ݕग़ϛε΋ͳ͍

32. ͸΍͍͚Ͳ

33. ໰୊఺

34. • ࢠػ͸ࣗ෼ͷډ৔ॴ͕Θ͔ͬͯͳ͍.
 AP͕ແ͍͸ͣͷ৔ॴͰ΋ Probe Request ͢Δ ໰୊఺

35. • ࢠػ͸ࣗ෼ͷډ৔ॴ͕Θ͔ͬͯͳ͍.
 AP͕ແ͍͸ͣͷ৔ॴͰ΋ Probe Request ͢Δ • Ұ౓઀ଓهԱͤͨ͞Β͠͹Β͘ͷؒ Probe Request

    Λૹग़͠ଓ͚Δ(࣮૷ґଘ) ໰୊఺

36. ͨͱ͑͹౦ژʙതଟΛҠಈ͠·͢

37. ͨͱ͑͹౦ژʙതଟΛҠಈ͠·͢ ࣗ୐ͷAPʹର͢Δݕग़ཁٻ͸ ՈΛग़ͨॠ͔ؒΒ͢΂ͯແବܸͪ ʢి஑ͱ͔ͷແବ͸·͋ࠣ຤ͳ໰୊ʣ

38. SSID ໊ࢦ͠Ͱݕग़ཁٻ

39. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ

40. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe

    Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ

41. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe

    Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ

42. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe

    Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request)

43. SSID ໊ࢦ͠Ͱݕग़ཁٻ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe

    Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ʮ“MyHomeBuffalo”͞Μ͍·͔͢ʯ AP ݕग़ཁٻ (Probe Request) ͜ͷiPhone͕͋ΒΏΔग़ઌͰ “MyHomeBuffalo”ͬͯͷΛཁٻͯ͠ΔΑ͏ͩ

44. ࣮ࡍʹݟͯΈΑ͏

45. None

46. ࣗ෼ͷϊʔτPC(b8:f6:b1:14:fc:1b)͕
 iis-visitor ͬͯͷΛ୳͍ͯ͠Δ

47. iis-visitor
 Ͳ͔͜ͷήετ༻WiFiͬΆ͍

48. iis-visitor
 Ͳ͔͜ͷήετ༻WiFiͬΆ͍ ઀ଓ֮ͨ͑͋͠Δ

49. Probe Request ʹؚ·ΕΔ಺༰

50. Probe Request ʹؚ·ΕΔ಺༰ • ୺຤ͷMACΞυϨε • ୺຤͕઀ଓͨ͜͠ͱͷ͋Δ AP ͷ ESSID


    ʢෳ਺͔΋ʣ • APͷBSSID(MACΞυϨε)͸ؚ·Εͳ͍
51. None
52. None

53. ͜ͷ"QQMF੡඼ͷॴ༗ऀ͸Ϊʔਫʹߦͬͨ͜ͱ ͕͋ͬͯTIJCVIPVTFʹ΋ߦͬͨ͜ͱ͕͋ͬͯ TJOBQʹ΋ߦͬͨ͜ͱ͕͋ͬͯUBLBOP͞Μͱ ໘͕ࣝ͋ΔͩΖ͏ɻ

54. ΍͹͍

55. ετʔΩϯά΁ͷԠ༻

56. ετʔΩϯά΁ͷԠ༻ • ׬શʹडಈ(passive)ͳετʔΩϯάͳͷͰɺ ୺຤ଆͰ͸߈ܸݕ஌͕ෆՄೳ

57. ετʔΩϯά΁ͷԠ༻ • ׬શʹडಈ(passive)ͳετʔΩϯάͳͷͰɺ ୺຤ଆͰ͸߈ܸݕ஌͕ෆՄೳ • WiFi ͕௚઀ಧ͘ൣғʹߦ͘ඞཁ͕͋ͬͯɺ ݫີʹ͸ωοτετʔΩϯά͡Όͳ͍

58. ετʔΩϯά΁ͷԠ༻ • ׬શʹडಈ(passive)ͳετʔΩϯάͳͷͰɺ ୺຤ଆͰ͸߈ܸݕ஌͕ෆՄೳ • WiFi ͕௚઀ಧ͘ൣғʹߦ͘ඞཁ͕͋ͬͯɺ ݫີʹ͸ωοτετʔΩϯά͡Όͳ͍ • λʔήοτͷ୺຤ͷMACΞυϨε͕Θ͔Β

    ͳ͍ͱ୭͕୭͔ͩΘ͔Βͳ͍

59. MACΞυϨεΛ஌Δํ๏

60. MACΞυϨεΛ஌Δํ๏ λʔήοτͷ୺຤ʹ௚઀઀৮͢Δඞཁ͕͋Δ… ͦΕ͕ແཧͳΒਪଌ͢ΔͷΈ

61. σϞ

62. None

63. ଞͷωλ • BSSID(MAC) ͔ΒҐஔ৘ใΛҾ͚ΔAPI • ESSID ͔Β BSSID Λਪଌ͠ Probe

    Request ͔Β୺຤ͷաڈͷҐஔ৘ใΛਪ ଌ

64. ๏཯తͳ࿩ • ి೾๏ ୈ59৚ʢൿີͷอޢʣ • Կਓ΋๏཯ʹผஈͷఆΊ͕͋Δ৔߹Λআ͘΄͔ɺಛఆͷ૬खํʹର͠ ͯߦΘΕΔແઢ௨৴ʢిؾ௨৴ࣄۀ๏ୈ4৚ୈ1߲ຢ͸ୈ164৚ୈ2߲ͷ ௨৴Ͱ͋ Δ΋ͷΛআ͘ɻୈ109৚ฒͼʹୈ109৚ͷ2ୈ2߲ٴͼୈ3߲ʹ͓ ͍ͯಉ͡ɻʣΛ๣डͯͦ͠ͷଘࡏए͘͠͸಺༰Λ࿙Β͠ɺຢ͸͜ΕΛ઄

    ༻ͯ͠͸ͳΒͳ͍ɻ

65. __END__