Thread: WPA Network with hidden sister

  1. #1
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    4

    WPA Network with hidden sister

    2 networks.
    Both strong on channel 7.
    They share 15 identical clients.
    I see a little more than twice as many packets on Network A as on Network B.

    I've stripped all but the trailing identifiable digits, for privacy.

    Network A
    SSID:...1332
    BSSID:...3C:80
    IP Range: 192.168.1.9 (through ARP)
    Flags: A

    Network B
    SSID:<No SSID>
    BSSID:...3C:81
    IP Range: 192.168.1.9 (through ARP)
    Flags: D4

    Unfortunately, the network is not mine, and I'm practising on my own behest, so I can't deauth a client.
    I'd like to be able to set up a similar network locally to attack actively, or to be able to passively determine the SSID of the ...3C:81 network. Preferably both.
    The SSID ...1332 indicates that it is a popular residential ISP, but 15 clients is unusual. In fact, I didn't think that the default modems they shipped could support that many.

    I've been playing with kismet for a couple of days now, and concentrating on channel 7 for the last day, and this is the only thing I don't understand so far.

    If anyone could tell me what's going on, and maybe a few keywords I can google, it would be very helpful.

    Thanks,
    Eric

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Originally posted by elewton:
    2 networks.
    Both strong on channel 7.
    They share 15 identical clients.
    I see a little more than twice as many packets on Network A as on Network B.

    I've stripped all but the trailing identifiable digits, for privacy.

    Network A
    SSID:...1332
    BSSID:...3C:80
    IP Range: 192.168.1.9 (through ARP)
    Flags: A

    Network B
    SSID:<No SSID>
    BSSID:...3C:81
    IP Range: 192.168.1.9 (through ARP)
    Flags: D4

    Unfortunately, the network is not mine, and I'm practising on my own behest, so I can't deauth a client.
    I'd like to be able to set up a similar network locally to attack actively, or to be able to passively determine the SSID of the ...3C:81 network. Preferably both.
    The SSID ...1332 indicates that it is a popular residential ISP, but 15 clients is unusual. In fact, I didn't think that the default modems they shipped could support that many.

    I've been playing with kismet for a couple of days now, and concentrating on channel 7 for the last day, and this is the only thing I don't understand so far.

    If anyone could tell me what's going on, and maybe a few keywords I can google, it would be very helpful.

    Thanks,
    Eric
    Yes, it is unfortunate.

    Hope you enjoyed your stay.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Junior Member
    Join Date
    Jan 2010
    Location
    /home
    Posts
    43

    In my opinion streaker, I don't see that he's doing anything wrong, since he's only sniffing traffic.
    However, it's the moderators' task to see if he's doing something illegal or not.
    Aquillar> hey, you guys ever play kmem russian roulette?
    Agnostos> I don't believe I have. care to explain the details?
    Aquillar> dd if=/dev/urandom of=/dev/kmem bs=1 count=1 seek=$RANDOM
    Aquillar> keep executing until system crashes
    Aquillar> person that crashes system has to buy beer
    Agnostos> lol
    Agnostos> I wonder if I can sneak that into a server startup script here.

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Unfortunately, the network is not mine, and I'm practising on my own behest, so I can't deauth a client.
    Please stay away from networks which you do not own or are not authorized to engage.
    The highlighted portion is the only thing that saved you from a ban.

  5. #5
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Originally posted by bb_EcKo:
    In my opinion streaker, I don't see that he's doing anything wrong, since he's only sniffing traffic.
    However, it's the moderators' task to see if he's doing something illegal or not.
    Perception is in the eye of the beholder.

    And actually sniffing traffic is punishable since it can fall under the same laws that cover wiretapping.
    So before you go spouting off at the mouth check your facts and google.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  6. #6
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    4

    Thanks and excuse me.
    I had no idea that this was illegal or even ethically questionable.

    I rather thought of it as learning a language by sitting in a cafe and tuning in to loud greetings but not conversations; that I would encounter configurations in the field that may not occur to me with my own router.

    I won't even sneak in a final question about what was actually going on.

    Back to sniffing my own network...

    Eric

    EDIT:
    I've been trying to get all the SSIDs and their strengths in my area with a directional antenna and then move my computer over to my friend's house and do the same and then compare them to triangulate approximate positions of businesses and compare them to a map of the area.
    Is this a) legal and b) ethical?
    I ask because this is a new field to me and I may not yet know what is acceptable behaviour.
    I guess "stay away from networks which you do not own or are not authorized to engage" means I have to stop...

  7. #7
    Junior Member
    Join Date
    Jan 2010
    Location
    Canada
    Posts
    84

    Originally posted by elewton:
    Thanks and excuse me.
    I had no idea that this was illegal or even ethically questionable.

    I rather thought of it as learning a language by sitting in a cafe and tuning in to loud greetings but not conversations; that I would encounter configurations in the field that may not occur to me with my own router.

    I won't even sneak in a final question about what was actually going on.

    Back to sniffing my own network...

    Eric

    EDIT:
    I've been trying to get all the SSIDs and their strengths in my area with a directional antenna and then move my computer over to my friend's house and do the same and then compare them to triangulate approximate positions of businesses and compare them to a map of the area.
    Is this a) legal and b) ethical?
    I ask because this is a new field to me and I may not yet know what is acceptable behaviour.
    I guess "stay away from networks which you do not own or are not authorized to engage" means I have to stop...
    Well, I do not believe that mapping out freely broadcasting APs is illegal or unethical. In fact there was a court case where a man sniffed only the broadcasted packets in a similar exercise, and the case was dropped since all he did was listen to that which is freely thrown around; had he connected, however, he would have been in trouble. But it is your choice of course.

  8. #8
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Originally posted by HitThemLow:
    Well, I do not believe that mapping out freely broadcasting APs is illegal or unethical. In fact there was a court case where a man sniffed only the broadcasted packets in a similar exercise, and the case was dropped since all he did was listen to that which is freely thrown around; had he connected, however, he would have been in trouble. But it is your choice of course.
    It can be illegal, yes. As archangel.amael said "wiretapping laws". In Australia that would be the Telecommunications Interception and Access (TIA) Act, which covers copying or otherwise "reading" communications between other parties, including electronic communications (phone, email, etc) at a point between the normal termination points of each end of the conversation. Similar laws apply in other jurisdictions.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  9. #9
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Originally posted by lupin:
    It can be illegal, yes. As archangel.amael said "wiretapping laws". In Australia that would be the Telecommunications Interception and Access (TIA) Act, which covers copying or otherwise "reading" communications between other parties, including electronic communications (phone, email, etc) at a point between the normal termination points of each end of the conversation. Similar laws apply in other jurisdictions.
    Don't we have something in place along the lines of "It's being broadcast onto my property" going though? Obviously a big cantenna is not within these parameters, but as I sit right here I can see at least 8 networks, many of which are close to drowning out my dev network (which has the RX/TX rates turned right down).

    If someone threw their open letters onto my lawn I'd probably be able to see what is going on there as well; it's not like I'm actively touching these letters, nor am I seeking them out, they are just there. A more accurate example would be getting arrested for wiretapping because someone was talking on their mobile phone in the middle of a crowd.

    The OP might want to look into WDS for his own network needs, the double packet rate suggests some sort of joining/reflection.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  10. #10
    Junior Member
    Join Date
    Feb 2010
    Posts
    28

    Might help answer this, just a read. A little outdated, but interesting to read anyways.

    PDF File
