After the fact of wep
Forgive me if this is dumb sounding, this is like my second post ever or so. But I've been on this site reading anything and everything on cracking a wep key. Took me forever to figure out how to get through my own router... finally one day everything clicked. Posts made sense and same with videos (thank you xploitz- you're my hero). My question now is, after I am through my own wep key- i want to keep learning more. Where would a newer guy start? How do i step it up to the next level? Browseing through my desktop connected to that router?
Well you could go several different routes really. You could setup a vulnerable dummy system (VM or physical) and try getting into it from your B|T box, or you could do some MitM type attacks (ARP poisoning, packet sniffing, etc, etc) or even some basic intranet enumeration. It's up to you really but make sure you do your research beforehand.Originally Posted by 1shot_1kill
"The goal of every man should be to continue living even after he can no longer draw breath."
~ShadowKill
Thanks for the quick reply. It seems to me it's either basic wep crack or complex projects. Not enough hours in a day for me... The more I read into this stuff the more paranoid I'm getting of what could be done to me. I think arp poisoning might be a fun new project.
P.s. you guys have a great community here. Just awesome! Any other semi simple projects to read up on?
Sniffing is relatively easy, so I'd suggest messing with dsniff and associated tools.
I'd recommend going the way of ettercap and doing some basic packet sniffing. Try and do some image/file replacement type of scenerios etc.
Also, if you haven't already looked into them, I highly recommend doing the De-Ice courses. You will learn loads if you are just starting out. They are a pretty priceless learning aid and can help you quickly get a grasp on what it is we do.
"The goal of every man should be to continue living even after he can no longer draw breath."
~ShadowKill
alright, figured out how to do the arp poisoning. (thats some dangerous stuff if in the wrong hands) now what else we got to do? i'm sure i could figure it out but you guys got another way to bring it up to the next step? a way to browse my other computer's internals? almost like a remote admin. if that sounds like a "bad" thing to do then it doesn't have to be answered. i'll understand.
Look into those De-Ice courses I told you about earlier. They will help you advance at a pretty reasonable rate.
"The goal of every man should be to continue living even after he can no longer draw breath."
~ShadowKill
appreciate the responses shadowkill.I kind of looked at them, but with a job and going full time for electronic and industrial automation i'm not sure if i'll have all the time in the world. (or any money right now... it's cheaper to sit at home and read remote-exploit forums all night
Just get the De-ICE pentest discs. If you run them on your local machine using VMware it will not cost you a penny. I vouch for these live-CDs as well, they are a great learning tool and give you the possibility to try out your skills in a close to real-life penetration test assignment without the need for any additional equipment.(or any money right now... it's cheaper to sit at home and read remote-exploit forums all night
-Monkeys are like nature's humans.
Posting Permissions
