Results 1 to 9 of 9

Thread: After the fact of wep

  1. #1
    Junior Member
    Join Date
    Feb 2008
    Posts
    44

    Default After the fact of wep

    Forgive me if this is dumb sounding, this is like my second post ever or so. But I've been on this site reading anything and everything on cracking a wep key. Took me forever to figure out how to get through my own router... finally one day everything clicked. Posts made sense and same with videos (thank you xploitz- you're my hero). My question now is, after I am through my own wep key- i want to keep learning more. Where would a newer guy start? How do i step it up to the next level? Browseing through my desktop connected to that router?

  2. #2
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    Quote Originally Posted by 1shot_1kill View Post
    Forgive me if this is dumb sounding, this is like my second post ever or so. But I've been on this site reading anything and everything on cracking a wep key. Took me forever to figure out how to get through my own router... finally one day everything clicked. Posts made sense and same with videos (thank you xploitz- you're my hero). My question now is, after I am through my own wep key- i want to keep learning more. Where would a newer guy start? How do i step it up to the next level? Browseing through my desktop connected to that router?
    Well you could go several different routes really. You could setup a vulnerable dummy system (VM or physical) and try getting into it from your B|T box, or you could do some MitM type attacks (ARP poisoning, packet sniffing, etc, etc) or even some basic intranet enumeration. It's up to you really but make sure you do your research beforehand.



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  3. #3
    Junior Member
    Join Date
    Feb 2008
    Posts
    44

    Default

    Quote Originally Posted by ShadowKill View Post
    Well you could go several different routes really. You could setup a vulnerable dummy system (VM or physical) and try getting into it from your B|T box, or you could do some MitM type attacks (ARP poisoning, packet sniffing, etc, etc) or even some basic intranet enumeration. It's up to you really but make sure you do your research beforehand.
    Thanks for the quick reply. It seems to me it's either basic wep crack or complex projects. Not enough hours in a day for me... The more I read into this stuff the more paranoid I'm getting of what could be done to me. I think arp poisoning might be a fun new project.

    P.s. you guys have a great community here. Just awesome! Any other semi simple projects to read up on?

  4. #4

    Default

    Sniffing is relatively easy, so I'd suggest messing with dsniff and associated tools.

  5. #5
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    I'd recommend going the way of ettercap and doing some basic packet sniffing. Try and do some image/file replacement type of scenerios etc.

    Also, if you haven't already looked into them, I highly recommend doing the De-Ice courses. You will learn loads if you are just starting out. They are a pretty priceless learning aid and can help you quickly get a grasp on what it is we do.



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  6. #6
    Junior Member
    Join Date
    Feb 2008
    Posts
    44

    Default

    alright, figured out how to do the arp poisoning. (thats some dangerous stuff if in the wrong hands) now what else we got to do? i'm sure i could figure it out but you guys got another way to bring it up to the next step? a way to browse my other computer's internals? almost like a remote admin. if that sounds like a "bad" thing to do then it doesn't have to be answered. i'll understand.

  7. #7
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    Quote Originally Posted by 1shot_1kill View Post
    alright, figured out how to do the arp poisoning. (thats some dangerous stuff if in the wrong hands) now what else we got to do? i'm sure i could figure it out but you guys got another way to bring it up to the next step? a way to browse my other computer's internals? almost like a remote admin. if that sounds like a "bad" thing to do then it doesn't have to be answered. i'll understand.
    Look into those De-Ice courses I told you about earlier. They will help you advance at a pretty reasonable rate.



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  8. #8
    Junior Member
    Join Date
    Feb 2008
    Posts
    44

    Default

    appreciate the responses shadowkill. I kind of looked at them, but with a job and going full time for electronic and industrial automation i'm not sure if i'll have all the time in the world. (or any money right now... it's cheaper to sit at home and read remote-exploit forums all night

  9. #9
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by 1shot_1kill View Post
    (or any money right now... it's cheaper to sit at home and read remote-exploit forums all night
    Just get the De-ICE pentest discs. If you run them on your local machine using VMware it will not cost you a penny. I vouch for these live-CDs as well, they are a great learning tool and give you the possibility to try out your skills in a close to real-life penetration test assignment without the need for any additional equipment.
    -Monkeys are like nature's humans.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •