I found my original post from two years ago on this subject. I didn’t tell the story then, so consider this an update. ;-)

H2K2 – Email Hacking from reconbot on Vimeo.

This is an old one, we used ettercap to sniff the wifi at h2k2.

http://en.wikipedia.org/wiki/Hackers_on_Planet_Earth#H2K2

A lot of fun was had in those few days.

A few years later, I found this video and checked the user/pass reading from the video. They worked! I contacted him to change his password. He was shocked about the event, and I was shocked nobody has seen the video and messed with him. Instead of being angry he felt it was stupid of him to check his email at a hacker’s conference.

I should also add it was outlook web access 2000(?) without ssl. But if it was SSL I could have MITMed it. ;-) I even think back then it would have been SSLv3.0 which you could just break.

Aww, Those were the days.