lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY14-F27xcbz37cfJi0003923b@hotmail.com>
Date: Tue, 22 Jun 2004 10:04:14 +0100
From: "zcrips xrabbitz" <zcrips_xrabbitz@...mail.com>
To: filipe.almeida@...il.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
   vulnwatch@...nwatch.org, zcrips_xrabbitz@...mail.com
Subject: Re: Troubles with Wireless pentest


thanks
  i may have missed saying that
the better part of the packets going trough the network had local 
destinations
like lots of netbios queries, smb and the like with the local machines eth 
addr and ip addr.




>From: Filipe Almeida <filipe.almeida@...il.com>
>To: sammy adedayo <sammyscity@...oo.com>
>CC: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com, 
>vulnwatch@...nwatch.org, zcrips_xrabbitz@...mail.com
>Subject: Re: [Full-Disclosure] Troubles with Wireless pentest
>Date: Mon, 21 Jun 2004 20:00:55 +0100
>
>Hi,
>First, you should get the mac address of the gateway. This is easy,
>just look at the destination mac of the outgoing packets or the source
>mac of incoming packets.
>Then add a static arp entry of an ip of your subnet with that mac
>address and use it as the gateway.
>Traceroute or record route should get you the real ip of the gateway.
>
>Regards,
>Filipe Almeida
>http://community.sidestep.pt/~filipe/
>
>
>----- Original Message -----
>From: sammy adedayo <sammyscity@...oo.com>
>Date: Mon, 21 Jun 2004 10:41:28 -0700 (PDT)
>Subject: [Full-Disclosure] Troubles with Wireless pentest
>To: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
>vulnwatch@...nwatch.org
>Cc: zcrips_xrabbitz@...mail.com
>
>
>
>
>
>A little help would be appreciated on this.
>
>
>
>
>
>        A few problems occurred during a wireless pentest I am
>presently undertaking. First a foundation,
>
>
>1) The pentest was a zero knowledge kind,  no information was given,
>in fact we were forbidden to ask for help from any of the staffs
>
>
>These I found during the first day.
>
>
>2) The network had a weak point = its wireless network.
>
>
>3) The wireless network was encrypted but with the weak wep and for a
>large corporation the data captured was enough to get the key
>
>
>4) The network in focus is quite large with multiple subnets and lots
>of �firewalls�
>
>
>These I did.
>
>
>5) Using kismet I sniffed a whole lot of packets. And decoded them
>with the found wep key
>
>
>6) Then using my conventional ettercap and ethereal I looked through
>the packets.
>
>
>Now The Problem.
>
>
>7) I tried to connect to the net work
>
>
>8) I used a nice ip to match those on the network
>
>
>9) Then I used ettercap to try and passively find the gateway but could not
>
>
>10) I used etterape to watch the packet flow but I could not figure
>out the gateway from all that traffic
>
>
>HELP
>
>
>HOW CAN I GET THE GATEWAY FOR THE WIRELESS NETWORK  AND IS THERE ANY
>WAY I COULD ROUTE PACKETS TO / CONNECT TO/ SCAN THE REST OF THE
>MACHINES ON THE NETWORK WITH OUT THE GATEWAYS ADDRESS.
>
>
>
>
>
>OR IS THERE A BETTER WAY TO DO THE WHOLE PENTEST?
>
>
>Pls help would be gladly appreciated.
>
>
>Any ideas are welcome. THANKS�
>
>
>
>
>
>Zippers crips
>
>
>
>
>
>The Zcrips Inc
>
>
>-----------------------------------------------------------------
>
>
>a man is only limited by his imaginative abilities
>
>
>
>
>
>		________________________________
>Do you Yahoo!?
>
>Yahoo! Mail - You care about security. So do we.

_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* 
http://join.msn.com/?page=features/virus

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ