lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: zcrips_xrabbitz at hotmail.com (zcrips xrabbitz)
Subject: trouble with wireless pentest

hi everyone,
      i have been taking on my first large and blind wireless pentest
and i 
have nearly become lost in the jaws of a wireless network and would 
appreciate any help. first i'lll state what i have so far done and seen
 
the network was encrypted but with wep and large traffic so i was able
to 
bruteforce the key
The network in focus is quite large with multiple subnets and lots of 
"firewalls"
 
These I did.
 
Using kismet I sniffed a whole lot of packets. And decoded them with the

found wep key
 
Then using my conventional ettercap and ethereal I looked through the 
packets.
i sniffed a lot more with ettereal and looked through them for a similar
mac 
address but all packets
had i local (destination) ip and mac address
 
Now The Problem.
 
I tried to connect to the net work
 
I used a nice ip to match one on the network
(8.5) i changed mac addresses to match the host i was spoofing.
 
then i tried to route packets to another client
which failed with the network unreachable error
i tried a traceroute to my target client but it failed too with the same

error
 
i used ettercap to passively watch traffic and came up with a
comprehensive 
list of ip/mac addresses and tried to spoof most of them but still my 
packets didn't get routed
i tried using etterape to watch traffic flow and come up with a route
but i 
figure out that nearly all traffic was internal most hosts were
connecting 
to each other
 
HELP:
    HOW CAN I ROUTE PACKETS THROUGH  TO OTHER CLIENTS OR BECOME A CLIENT
OR IS THERE A BETTER WAY I COULD DO THIS WHOLE PENTEST FROM THE BEGINING
PLS ANY HELP WOULD BE APPRECIATED.
 
 
ZIPPERS CRIPS
 
_________________________________________________________________
 
The Zcrips Inc
-----------------------------------------------------------------
a man is only limited by his imaginative abilities
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040624/18a3ee79/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ