2

In looking at What can hackers do with a wifi password?, it is said:

Simply said, if someone has your Wifi password, they have full access to all connected computers and devices within your network. This can be used to do anything from copy data, monitor your usage, send data (typically virus or other sniffer program), watch you on your own webcam, play music on your computer, and a variety of other things.

This sounds like it means, if the wifi password is obtained, you can somehow end up directly running a program on someones laptop. I don't quite see the connection there though. Wondering if one can outline the pieces to make the connection.

My attempt at explaining how it might work... I'd imagine that first you would sniff the network traffic given that you are connected to the network. Not sure exactly how this works but it is said it's straightforward to inspect packets from connected devices on a network if you're on it too. Not sure what sort of security exists here. But given they are sniffing the traffic, I would guess they could monitor any passwords you send over the network. From there I guess if you use the same password on your computer as on the internet then they could type in the password on your computer remotely somehow. I am all guessing here, I don't see how it's possible. You would somehow have to inject something directly into the computer, which just seems backwards.

Improve this question
1
  • 5
    They are wrong.
    – defalt
    Commented Dec 30, 2018 at 16:29

1 Answer 1

Reset to default
3

You're mostly right - and indeed, as default commented, "they" are wrong.

What you might do if you had access to the wifi access point would be to lie to the connected devices and turn something they're doing into a point of entry.

For example you might wait until some specific Web request is made to some very common resources (for instance, the jQuery library scripts on a CDN). Then, provided there wasn't any extra security on the call or on the resource (smart sites employ both), you would "tell" the browser that the site hosting the resource is not the real site, but another that you control. The jQuery library there is a modification of the real one, that also performs several tests in search of vulnerabilities.

It could try and download a corrupt PDF file, or a malicious Windows Shell script, and so on.

If one of the exploits is viable, bam!, you own the target machine.

Otherwise, there are still things that can be done even with a limited access - a very common one is try and "enrich" the connected browsers with crypto-mining scripts, stealing some computing power and electricity to run the calculations required to "create" crypto-coins which are then sent to the attacker.

Also, several resources inside the network are often not protected at all (NAS backups, DLNA players, or even computer shares). The data on those is therefore free for the taking.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .