If an attacker plugged a standard outlet-to-ethernet adapter into an outlet inside my house, and then plugged in an ethernet-to-usb adapter into a raspberry pi, would the raspberry pi connect to the network? would it need a password to connect? would the raspberry pi save the wifi password if it were able to connect without needing a password?
Asked
Active
Viewed 234 times
-1
-
1What do you mean by "an outlet"? Whose Raspberry Pi is it? Yours? Attacker's? – techraf Jan 06 '17 at 05:15
-
You mean a power outlet? Do you run ethernet over power in your home? – schroeder Jan 06 '17 at 07:33
-
I'd be more concerned that someone could get into my house – iainpb Jan 06 '17 at 08:58
3 Answers
1
The scenario you describe:
Attacker's gear:
Raspberry pi<==>USB to Ethernet<==>Ethernet to power<==>Your electrical system
In this scenario, the attacker's 'raspberry pi' will see any network traffic on your electrical system*. If your network has an Ethernet over power adapter attached, see this question for how secure packets on your electrical system are from eves dropping. If your network doesn't have a Ethernet over power adapter attached to it, it is not putting packets on your electrical system and the attacker cannot see your network in this way.
In any case, even if the attacker can see your network packets, unless he is also listening to the WiFi radio frequencies, he cannot capture your WiFi password. If he is monitoring this frequency, and you are using WEP encryption or no encryption, he can capture your password. If you are using WPA or (preferably) WPA2 encryption and a strong WiFi password, he will be able to see the encrypted password but it will be secure.
*Transmission of network packets over power systems is sometimes blocked if two Ethernet over power adapters are placed on different 'legs' of a electrical distribution system. The legs are determined by which phase is used of the (220volt) three phase power that is split into regular (110 volt) house voltage.
Mark Ripley
- 657
- 4
- 9
0
Typically, in consumer-grade wifi routers, all the Ethernet ports are enabled and if anyone connect to your Ethernet port, they will have access to your wifi network, unless you have explicitly separated the two networks and have created access control rules.
Even with that the raspberry pi would not need a password
DDS
- 21
- 2
0
If the attacker plugged to your Ethernet, then he is in your network. Unless you do a MAC filtering or any other Authentication mechanism to your network.
would the raspberry pi connect to the network?
Yes it does
would it need a password to connect?
No unless you implement an Authentication mechanism to your network.
would the raspberry pi save the wifi password if it were able to connect without needing a password?
I think you are worrying about the Ethernet connection here? If your WiFi AP do have a password to log in , Raspberry pi cannot connect to the Wifi. Even though the attacker connects to your Ethernet, he need to access your Router to gain access to the Wifi password. I hope you have a decent protection ( at least a log in password ) to your Router?
The attacker can crack your WiFi interface if your AP setup is weak but it is in a different context to this problem.
user3496510
- 1,257
- 2
- 12
- 26