lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040621174128.48243.qmail@web53010.mail.yahoo.com>
Date: Mon, 21 Jun 2004 10:41:28 -0700 (PDT)
From: sammy adedayo <sammyscity@...oo.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
   vulnwatch@...nwatch.org
Cc: zcrips_xrabbitz@...mail.com
Subject: Troubles with Wireless pentest


A little help would be appreciated on this.

 

       A few problems occurred during a wireless pentest I am presently undertaking. First a foundation,

1) The pentest was a zero knowledge kind,  no information was given, in fact we were forbidden to ask for help from any of the staffs

These I found during the first day.

2) The network had a weak point = its wireless network.

3) The wireless network was encrypted but with the weak wep and for a large corporation the data captured was enough to get the key

4) The network in focus is quite large with multiple subnets and lots of �firewalls�

These I did.

5) Using kismet I sniffed a whole lot of packets. And decoded them with the found wep key

6) Then using my conventional ettercap and ethereal I looked through the packets.

Now The Problem.

7) I tried to connect to the net work 

8) I used a nice ip to match those on the network

9) Then I used ettercap to try and passively find the gateway but could not

10) I used etterape to watch the packet flow but I could not figure out the gateway from all that traffic 

HELP

HOW CAN I GET THE GATEWAY FOR THE WIRELESS NETWORK  AND IS THERE ANY WAY I COULD ROUTE PACKETS TO / CONNECT TO/ SCAN THE REST OF THE MACHINES ON THE NETWORK WITH OUT THE GATEWAYS ADDRESS.

 

OR IS THERE A BETTER WAY TO DO THE WHOLE PENTEST?

Pls help would be gladly appreciated.

Any ideas are welcome. THANKS�

 

Zippers crips

 

The Zcrips Inc

-----------------------------------------------------------------

a man is only limited by his imaginative abilities

 


		
---------------------------------
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
Content of type "text/html" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ