Thread: WEP....done. But now what?

  1. #1
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    127.0.0.1
    Posts
    16

    Hi guys

    I’m pretty new at this so be gentle ;-)

    I’ve gained access to my own network via WEP 64 and 128 bit hacking (aircrack-ng), and that’s pretty easy now.

    My next two steps are:

    1) WPA/WPA2 hacking, with a dictionary list. And I’ve already started on this.


    2) Now what?

    By “now what?” I mean, how can I further exploit my security setup?
    When I have the WEP access code, how do I start gaining knowledge about the target network (my network) that I now have access to?
    How do I see what kind of Windows version the target computer is running, what kind of programs are installed on the computer, etc.?

    Can anybody give me a hint or a link? The functions in BackTrack are overwhelming for a newbie ;-)

    Thanks

  2. #2
    Member imported_vvpalin
    Join Date
    Apr 2009
    Posts
    442

    Originally posted by Linus1907:
        Can anybody give me a hint or a link?

    google.com or the search button .. welcome to infosec
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

  3. #3
    Super Moderator lupin
    Join Date
    Jan 2010
    Posts
    2,943

    Originally posted by Linus1907:
        2) Now what?

        By “now what?” I mean, how can I further exploit my security setup?
        When I have the WEP access code, how do I start gaining knowledge about the target network (my network) that I now have access to?
        How do I see what kind of Windows version the target computer is running, what kind of programs are installed on the computer, etc.?

        Can anybody give me a hint or a link? The functions in BackTrack are overwhelming for a newbie ;-)

        Thanks

    Host/port/vulnerability scanning. Each one is a whole topic unto itself. nmap and OpenVAS/Nessus are good tools to use for starters. Look for tutorials here and elsewhere on the web on those tools and also have a look at the NMap book online or better yet buy a copy.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  4. #4
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    4

    Originally posted by Linus1907:
        Hi guys

        1) WPA/WPA2 hacking, with a dictionary list. And I’ve already started on this.

        2) Now what?

        By “now what?” I mean, how can I further exploit my security setup?
        When I have the WEP access code, how do I start gaining knowledge about the target network (my network) that I now have access to?
        How do I see what kind of Windows version the target computer is running, what kind of programs are installed on the computer, etc.?

        Can anybody give me a hint or a link? The functions in BackTrack are overwhelming for a newbie ;-)

        Thanks

    1) It isn't an easy job, especially if the victim has a password like '3Xx4mPl3666'. But a lot of (not intelligent enough) people set easy passwords so as not to forget them. IMHO you'd better use Rainbow Tables.

    2) Firstly, do not make a mess in the network (e.g. setting the SSID to "Internet for BJ"). "The quieter you become, the more you are able to hear" - and that's true. And as lupin said, use nmap; it's a powerful tool for revealing the OS.

  5. #5
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    127.0.0.1
    Posts
    16

    Thank you very much, lupin. That pushed me in the right direction.

    vvpalin: Come on. I know Google and the search button. I asked politely for a hint, not a lecture in using Google. If your 444 posts are like this, you should find another forum than the "newbie area" - EOD.

  6. #6
    grancerote
    Guest

    A great next step for you, before getting into exploits to find vulnerabilities, could be ARP poisoning; it's a great security test to see how open your security is around.

  7. #7
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Originally posted by Linus1907:
        vvpalin: Come on. I know Google and the search button. I asked politely for a hint, not a lecture in using Google. If your 444 posts are like this, you should find another forum than the "newbie area" - EOD.

    Advice is freely given on this forum. While it might not be the answer you wanted to hear, there's some truth behind the response. Everyone here is encouraged to search before posting. You'll notice your question has been asked before and will be asked again after you.

    My advice is to find a specific topic mentioned above and focus on it. There's so much to cover. Take a look at the Metasploit Unleashed course, as it focuses on a lot of the topics like network enumeration, vulnerability discovery, and exploiting. If you then want to take it to the next level, look at the classes from Offensive-Security.

    http://www.offensive-security.com/metasploit-unleashed/
    http://www.offensive-security.com/in...y-training.php

  8. #8
    Member imported_vvpalin
    Join Date
    Apr 2009
    Posts
    442

    Originally posted by Linus1907:
        Thank you very much, lupin. That pushed me in the right direction.

        vvpalin: Come on. I know Google and the search button. I asked politely for a hint, not a lecture in using Google. If your 444 posts are like this, you should find another forum than the "newbie area" - EOD.

    Fair enough I guess ..

    OSI Model <<-- start here "as I said, google"
    tcp/ip
    nmap, nmap and more nmap "other scanners?"
    Learn ALL the tools of the aircrack suite
    Ettercap-ng
    Openvas / Nessus
    Metasploit, msf, msf and a whole shitload more msf
    Exploits: learn them .. use them etc..
    Now learn to code
    Now go back up to OSI and repeat till we are here again.
    Learn more tools
    Start writing your own tools that the above things didn't do
    Start fuzzing
    Now write your own exploits
    At this point I don't think you need a guide anymore
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

  9. #9
    Junior Member Valifake
    Join Date
    Jan 2010
    Location
    Don't worry Sir, I'm from the Internets
    Posts
    38

    Check out the De-ICE series. They are good fun and a good place to start learning.

    TIP: don't cheat.

  10. #10
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    127.0.0.1
    Posts
    16

    Guys: Thank you very much. It gave me a lot more keywords to google.

    vvpalin: Thanks for your reply - I apologize if I was a bit "rough" in my first reply.
    No hard feelings

    Have a nice weekend.
