Thread: Help on Information Gathering

  1. #1
    Join Date
    May 2007

    Default Help on Information Gathering

    So... I'm just looking for a bit of advice from people who have gone a few steps further than I have.

    Say you were trying to crack the WPA of an access point, but a dictionary attack FAILED.

    Where do you go next? For example... I used the CUPP tool to generate some 'possible' passwords, with what little information I can gather. This did not present me with the password.

    So would anyone be kind enough to pass on some tips about what they would do next to try and get information about the AP, given that the ONLY information you have about it is the SSID?

    CUPP is great, but it didn't come good for me this time. Are there other tools out there that can help?

    I realise that this could be construed as being "spoon-fed" and could potentially incur an infraction of the "big-red-pwn-button" type..., but the reality is that I do not know where to turn next in terms of password generators etc.

    So any advice would be gratefully received.



  2. #2
    Moderator theprez98's Avatar
    Join Date
    Jan 2010


    Quote Originally Posted by mcai8rw2:
    "Say you were trying to crack the WPA of an access point, but a dictionary attack FAILED."

    Find a better dictionary.

    Find out the passphrase by other means, i.e., social engineering.

  3. #3

  4. #4
    Join Date
    Mar 2007


    Quote Originally Posted by muminrz:
    "Of course he did. He posted in that thread 1 hour before he created this one. Pay attention next time and don't make useless posts."

  5. #5
    Member imported_vvpalin's Avatar
    Join Date
    Apr 2009


    Wouldn't a rogue AP coupled with a Metasploit payload to send you back all the wireless keys be a good idea about now?

    I've never tried it myself ("hopefully this weekend"), but I remember reading that it's possible ... at least on XP anyway.

    I have also heard that depending on the company and firmware revision there might be ways to exploit the router and grab the settings without having the WPA key.

    I was also thinking there might be a way to DoS the AP, causing the user or admin to reset the settings. If you're fast enough and know what you're doing once he resets it, you could log in and sniff all the passwords that he is inputting.

    There are TONS of other social engineering attacks you could attempt depending on the situation.
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.
