Results 1 to 10 of 26

Thread: I give UP !!!!

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    7

    Default I give UP !!!!

    hello all, yes i give up in this problem that i've never seen something like it before. it's been 13 days and i still reading and searching for a solution with no success ! that's why am asking your professional opinion.

    here is my scenario :

    a friend has set up a :

    USR 9106 wireless router with WEP eanbled-mac filtering "my friend who setup this claims that he can protect the Wlan inspite of using such a weak encryption algorithm".

    1 Compaq v6000 laptops running winXP sp2 (communicating with the router to make the packets flow around )

    1 pc that has dual boot (windows xp sp2 - BT3 beta) "this pc supposed to test the security between the previous two machines"


    the router and laptop has some settings "configurations and securty" that make the laptop able to connect to the router and reach an internet connection.

    now , using the pc to test how much it takes to get in the network :
    it was a piece of cake cracking the WEP pass ,bypassing the mac filtiring feature, and set up a fixed IP (192.168.1.55) after determining that DHCP is disabled by the router .

    now after connecting i discovered that the router ip range has been modified "so must the laptop ip"

    yeah it's pretty easy to bypass that too , i fired up wireshark and waited while it's listening ,here comes the problem ! i can't detect the IP of the router nor the IP of the test laptop !!! tcpdump didn't go any further too !

    the connection status shows some packets in the sent field ,,with 0 packets in the recieved field.


    any Ideas ?
    thank you in advance and sorry for being long

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Sounds like your friend was right.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Junior Member 0tt0v0nc4t's Avatar
    Join Date
    Mar 2008
    Posts
    69

    Default

    Perhaps you are better off relaxing the security on your AP and then trying to get around one security feature at a time. I.e. Enable DHCP and ICMP and then disable any firewalls you might have up.


    Remember each security function takes a different skill to bypass and ninja's dont learn all their moves at once.

  4. #4
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    I give UP !!!!
    Yet you had to post to let us know?
    now after connecting i discovered that the router ip range has been modified "so must the laptop ip"

    yeah it's pretty easy to bypass that too , i fired up wireshark and waited while it's listening ,here comes the problem ! i can't detect the IP of the router nor the IP of the test laptop !!! tcpdump didn't go any further too !

    the connection status shows some packets in the sent field ,,with 0 packets in the recieved field.
    If you're not part of the same address range how do you expect to see any traffic? Do some homework on ARP.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  5. #5
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    7

    Cool

    Quote Originally Posted by streaker69 View Post
    Sounds like your friend was right.
    damn !


    Quote Originally Posted by 0tt0v0nc4t View Post
    Perhaps you are better off relaxing the security on your AP and then trying to get around one security feature at a time. I.e. Enable DHCP and ICMP and then disable any firewalls you might have up.
    thanx for yr post ,, well i've cracked the same router many times before with variety security options, but the worst thing is when u donut know "who is your enemy" coz i really donut know what the heck is going on now ,,sure thing will try the configurations he sat one by one ,,but for now i donut wanna ruin his conf .
    thanx again




    Quote Originally Posted by thorin View Post
    Yet you had to post to let us know?
    If you're not part of the same address range how do you expect to see any traffic? Do some homework on ARP.
    well ,it's not my first time getting into a similar situation , besides sniffers like wireshark will get the traffic "or at least it will tell u the addresses that r trying to transmit packets" that is being redirected into the network even if u were not in the same ip-range-mask

  6. #6
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by raven4d View Post
    well ,it's not my first time getting into a similar situation , besides sniffers like wireshark will get the traffic "or at least it will tell u the addresses that r trying to transmit packets" that is being redirected into the network even if u were not in the same ip-range-mask
    You're right I shouldn't have assumed it was a switched network. If you were all behind a hub you'd see everyone's traffic.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  7. #7
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by raven4d View Post
    damn !

    thanx for yr post ,, well i've cracked the same router many times before with variety security options, but the worst thing is when u donut know "who is your enemy" coz i really donut know what the heck is going on now ,,sure thing will try the configurations he sat one by one ,,but for now i donut wanna ruin his conf .
    thanx again


    well ,it's not my first time getting into a similar situation , besides sniffers like wireshark will get the traffic "or at least it will tell u the addresses that r trying to transmit packets" that is being redirected into the network even if u were not in the same ip-range-mask
    mmmmmmMMMMMmmmmmmmmm, donuts.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  8. #8
    Junior Member 0tt0v0nc4t's Avatar
    Join Date
    Mar 2008
    Posts
    69

    Default

    Quote Originally Posted by raven4d View Post
    i've cracked the same router many times before with variety security options, but the worst thing is when u donut know "who is your enemy" coz i really donut know what the heck is going on now ,,sure thing will try the configurations he sat one by one ,,but for now i donut wanna ruin his conf .
    If you dont know who owns the AP you are attacking then you obviously do not have permission to do so. Whats going on is, you are breaking the law! You should spend some time to google why people use backtrack and its programs before you ask how.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •