Jump to content

Covertly installed inside a corporate network


kanalia

Recommended Posts

Hi chaps

I received my turtle yesterday, so, so exciting. I took it to work today to as per Use Cases "covertly install it inside a corporate network". The DHCP assigned an IP to turtle, the turtle assigned an IP to PC but guess what? I am disconnected from domain now. This is not very "covert" as I lost all my privileges assigned to my domain user. All the network shares I could access before are gone. I am new to ethical hacking but it seems to me this device in useless on corporate networks. Am I missing something?

regards, Kanalia

post-53156-0-21646200-1457453987_thumb.p

Link to comment
Share on other sites

If it is installed in a network closet, via wall-wart usb plug (instead of into a computer) with autossh reverse tunneling, it would give you remote access into that network and not deny anyone access to their network shares. All networks are different - some have aggressive egress filtering that would prevent even the example I just gave. Most do not however. Yours happens to have your domain access tied to the MAC address of your computer or something of the sort. You could tried changing the mac address on the turtle to match that of your computer? Exploring and figuring out what is possible, where its possible, and when its possible is all part of the fun. Just make sure its all "above board" and you won't get punished or jailed doing said exploration! My advice is to read up, learn as much as you can, and report back your findings/discoveries! Good luck new friend!

telot

Link to comment
Share on other sites

Thanks telot

Assigning client mac to turtle was one of the first ideas actually. That did not work either. The more I think about it the more I realize this will not be possible. The turtle would have to basically copy settings between interfaces. I will give it more time, maybe I will come up with something. The good thing is my employer knows about everything as he founds my education so I can use our corporate network as firing range :)

regards

Link to comment
Share on other sites

  • 2 weeks later...

I think the issue might be DNS. When turtle get an IP from lan, perhaps it's not getting the dns? That could explain why you cannot access corporate resources as they are not getting resolved.

If others can post a way to bind corporate dns and gateway settings?

Link to comment
Share on other sites

  • 4 weeks later...

This is now resolved. Go to etc/config/network and change the config for 'lan' to:

config interface 'lan'
option ifname 'eth0 eth1'
option type 'bridge'
option proto 'dhcp'
Both interfaces are assigned an ip by DHCP.

I did this and got everything working on my end as well. However, our printer (on the same network) has gone haywire. It just keeps restarting. The turtle has no physical connection to the printer, just that they are on the same network.

I thought maybe it was an IP conflict or something, but no. I can't figure it out.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...