So once you get on a network what are some things you guys like to do? lets hear steps and apps you use.
usually the first thing i do is try to access the router. I figure control that and you can control the internet.
I will nmap the network to search out what all is on it. then go straight for the router. I do this passively at first. I will just monitor the IP address of the computer closest to the routers. I assume the main computer is hooked up to the router in port 1 and was turned on first. not always a good assumption but it is a place to start. I monitor the computer by using Moxie Marlinspike's SSLstip 0.9 and ettercap in text mode. i usually get a lot more and write it all down for future reference.
I keep extensive notes on everything i discover on the network. really helps for when there are multiple computers, multiple people, printers, gaming systems, etc.
on network... now what?
Re: on network... now what?
- finding the wif ap admin page is usually as easy as 192.168.1.1 , or 192.168.0.1. Those are default IP for wifi APs. They can be parked at .254 or .255. They can be 10.10.1.1 etc - non-public routable IPs. Lastly, a smart admin can even pick their own IP range, as long as its non-public routable/private issed IP range.
-Man in Middle Attack/Session Hijack - you will disassociate a machine while they are logged into a internet transaction, and represent yourself as the victim to the internet.
- ARP poisoning - you let the router know that all transactions for machine A, will be sent to you as well.
-Bogus DNS - direct the victim to a bogus webpage for login
-Disassociation and deauthorization frames - harassment/MIM
You don't attack the machines themselves, but the traffic is controlled.
DNR
-Man in Middle Attack/Session Hijack - you will disassociate a machine while they are logged into a internet transaction, and represent yourself as the victim to the internet.
- ARP poisoning - you let the router know that all transactions for machine A, will be sent to you as well.
-Bogus DNS - direct the victim to a bogus webpage for login
-Disassociation and deauthorization frames - harassment/MIM
You don't attack the machines themselves, but the traffic is controlled.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.