Snarfing

From HandWiki
Revision as of 17:50, 6 March 2023 by AnLinks (talk | contribs) (update)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Snarf is a term used by computer programmers and the UNIX community meaning to copy a file or data over a network, for any purpose, with additional specialist meanings to access data without appropriate permission.[1] It also refers to using command line tools to transfer files through the HTTP, gopher, finger, and FTP protocols without user interaction, and to a method of achieving cache coherence in a multiprocessing computer architecture through observation of writes to cached data.

Example

An example of a snarf is the Evil twin attack, using a simple shell script running software like AirSnarf[2] to create a wireless hotspot complete with a captive portal. Wireless clients that associate to a snarf access point will receive an IP, DNS, and gateway and appear completely normal. Users will have all of their DNS queries resolve to the attacker's IP number, regardless of their DNS settings, so any website they attempt to visit will bring up a snarf "splash page", requesting a username and password. The username and password entered by unsuspecting users will be mailed to root@localhost. The reason this works is:

  1. Legitimate access points can be impersonated and/or drowned out by rogue access points, and
  2. Users without a means to validate the authenticity of access points will nevertheless give up their hotspot credentials when asked for them

See also

References

  1. "snarf". http://catb.org/jargon/html/S/snarf.html. 
  2. Potter, Bruce G. (1996-10-16). "'Airsnarf' - A rogue AP setup utility". pp. 1. http://airsnarf.shmoo.com. "Airsnarf is a simple rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots--snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP." 

External links