Snarfing
Snarf is a term used by computer programmers meaning to grab a large document, file, content, or data, and use it without the author (owner)'s permission. In the UNIX community the term means the acquisition of a file or set of files across a network. It also refers to using command line tools to transfer files through the HTTP, gopher, finger, and FTP protocols without user interaction, and to a method of achieving cache coherence in a multiprocessing computer architecture through observation of writes to cached data.
Example
An example of a snarf is the Evil twin attack, using a simple shell script running software like AirSnarf[1] to create a wireless hotspot complete with a captive portal. Wireless clients that associate to a snarf access point will receive an IP, DNS, and gateway and appear completely normal. Users will have all of their DNS queries resolve to the attacker's IP number, regardless of their DNS settings, so any website they attempt to visit will bring up a snarf "splash page", requesting a username and password. The username and password entered by unsuspecting users will be mailed to root@localhost. The reason this works is:
- Legitimate access points can be impersonated and/or drowned out by rogue access points, and
- Users without a means to validate the authenticity of access points will nevertheless give up their hotspot credentials when asked for them
See also
References
- Potter, Bruce G. (1996-10-16). "'Airsnarf' - A rogue AP setup utility". The Shmoo Group. p. 1. Retrieved 2012-11-03.
Airsnarf is a simple rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots--snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.