Jump to content

Packet sniff router information

proskater123

By proskater123
in Questions

 Share

Recommended Posts

proskater123 Newbie

proskater123

Posted
Posted

Ok here is my issue. We Just got wireless internet. I hate it but its better than the dial up we have. The wireless router the guy installed, he forgot the router password and wifi key. (dumbass) So at the moment im plugged directly into the router. I tried installing a netgear router. But it won't connect to the antenna because the antenna doesn't have dhcp. It has a static Ip address that has to be entered into the router. We don't know that nor will pc-source (wireless provider) give that out. They want us to come out to them a town over and let them do it. So I was going to see if I can figure out what i need first.

This is how my network is set up:

Antenna---->wireless trendnet router -----> me

I was thinking of a couple solutions.

Packet sniff the information between the antenna and the router and possibly recover any username and ip addresses needed. so the set up would look like this.

Antenna-->pc with wireshark--->router--->me

But i was thinking there is a problem with that way.... The pc with wireshark wouldn't aquire an ip address and i don't think that would work. It would have two nic cards and have them bridged then capture all the data on the first nic.

Can someone either help me or point me in the right direction. Thanks.

Link to comment
Share on other sites
Sparda Newbie

Sparda

Posted
Posted
the ip is ussually 192.168.1.1 or something like that possibly 192.168.1.2 , type that in your browsers address bar

You don't really need to guess at it's default IP, just request an IP address via DHCP and it will tell you what it's IP is.

Link to comment
Share on other sites
proskater123 Newbie

proskater123

Posted
  • Author
Posted

I don't think I explained the situation right. The router has information stored inside it to connect to our antenna. If I were to reset it I would lose that information then I wouldn't be able to connect. It would be as useless as the netgear router that im trying to install. The cat5 cable that runs from our antenna goes into the wan port. And the router has to have a static ip address put into it so that it will connect to the antenna right. If it doesn't have that then it won't connect or even aquire an ip address. For example. If i were to hook that cable into our desktop our desktop won't aquire an ip address. It requires to be set up with a static ip address OF the antenna to connect. Hope that helped. lol

Link to comment
Share on other sites
linton Newbie

linton

Posted
Posted

A friend of mine had this problem and he had to bite the bullet and call them to go through the setup again which took about 1/2 an hour in his case. Of course, they will go through the account verification process with you to make sure you're the account owner ... there are some shady folks out there ...

Link to comment
Share on other sites
Sparda Newbie

Sparda

Posted
Posted

If it is set statically, all you need to do is get a cross over cable, power off the router, plug the routers WAN port in to your computer, power on the router, and you will see it trying to do stuff in wireshark.

Hopefully you will see it trying to communicate with it's default gateway so you know what that is set to as well.

Once you have this information, plug your computer in to the 'Antenna' (still not sure exactly what this refers to), and configurer your network adapter with the stuff captured with wireshark.

If this works, factory reset the router and enter it into it's configuration again.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Two things you could try. One, get the MAC address of the router, and then make your pc that same MAC address, then connect to the network without the router and see what traffic goes back and forth. This might be difficult depending on your knowledge of how to change it, but you can do this easily in Linux, or through your wifi card in windows. Ethernet cards in windows can be changed, but would require you to either edit the registry or use a thrid party app, both of which are not the most desired method.

2, go the default gateway address your pc aquires from the router. If its locked down, it will prompt you for the password. When it does, it usually gives you the model number or some identification as to the router info, look it up, and see if the default password is still set in the router. The guy who set it up might have just left the default password on the device,which means anyone who trys to logon to it, would be able to set it to anything they want.

http://www.routerpasswords.com/

3. Run "ipconfig /all" in windows, document all the info. Your IP address, Default gateway(which is probably the router itself), DNS server, etc. Then go to projectip.com and get your ip address. If your network starts with something like bb.bb.bb.xx where xx is your address for your pc, then most likely the routers default gateway will be the same, only end in a 1 or 2 most of the time. ex: 88.65.200.15 might be your ip, then the routers defautl gateway might be 88.65.200.1 (This is not a garuntee though)

They will have already allowed the mac address from the router, so you will probably only need to enter the static IP they set up for you, the DNS server and Default Gateway back to them.

The third method is one you would have to decide for yourself, as I can not garuntee any of that will work. I am assuming some things in this process though, and that is that once in the router, it does not require user and password authentication back to the ISP.

What brand and model is this router? What is the ISP? and What kind of service is it(aside from wireless, does the router also function as a modem, like DSL, etc)

edit: I just saw Sparda's suggestion after I posted mine, but that would probably be a good idea as well. Never thought about trying that, but would probably yield quicker results than anything suggested so far.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted
So I would goto whatsmyip.com or something and do a traceroute from my pc to my own IP to see the routers IP?

Your routers IP is a private address. Whatsyourip only shows you the IP address your acocunt was assigned by the ISP, which then goes to yoru modem or whatever device pipes it in, then you have your router, then your computers. Whatsyourip will not tell you your routers IP. If youa r eon windows and connected through a router, you can find the default gateway address(Your router) in two places. Either form a cmd prompt, type "ipconfig /all" or right click the properties for your nic in the network connections(once you are connected) get status, then the support tab. Linux, just type "ifconfig -a".

Link to comment
Share on other sites
dimitar Newbie

dimitar

Posted
Posted

He needs the router's WAN IP address. Not the LAN address. If he wants to replace it with his own, he needs to know the IP address that the ISP gave him.

Just go to http://www.whatismyip.com/

Make sure that you are doing this from your home computer that is behind the router in question.

It will show your router's WAN IP address right on top. Like this:

Your IP Address Is xxx.xxx.xxx.xxx

You do not have to do any traceroutes etc.

He does not need the LAN IP address. This is irrelevant.

Link to comment
Share on other sites
proskater123 Newbie

proskater123

Posted
  • Author
Posted
He needs the router's WAN IP address. Not the LAN address. If he wants to replace it with his own, he needs to know the IP address that the ISP gave him.

Just go to http://www.whatismyip.com/

Make sure that you are doing this from your home computer that is behind the router in question.

It will show your router's WAN IP address right on top. Like this:

Your IP Address Is xxx.xxx.xxx.xxx

You do not have to do any traceroutes etc.

He does not need the LAN IP address. This is irrelevant.

Sorry but you are wrong. I do need a lan ip address. Jut not from my router. Our antenna has an ip address and its static. When I plug into it my device has to know where the antenna is in a way. (its ip address.) Im going to try spardas solution. Im going to add another nic card to our desktop and run the router through one and have the other line from the antenna going into the other nic. Hopefully it works.

Link to comment
Share on other sites
dimitar Newbie

dimitar

Posted
Posted
Sorry but you are wrong. I do need a lan ip address. Jut not from my router. Our antenna has an ip address and its static. When I plug into it my device has to know where the antenna is in a way. (its ip address.) Im going to try spardas solution. Im going to add another nic card to our desktop and run the router through one and have the other line from the antenna going into the other nic. Hopefully it works.

Sorry... may be I misunderstood something. What do you mean by "antenna". Are you referring to a coax cable? Or a satellite antenna?

On a second read... it seams that you are talking about a satellite antenna that is connected to your router with a CAT 5 cable, in which case the antenna actually plays the role of a modem (you need a device that does modulation and demodulation and since you don't have a modem, the antenna must be doing this).

If the antenna has its own IP address, then if you do a traceroute from your computer on the network to anything outside your network, the second hop should be the IP you are looking for (the first hop would be your router).

So I would do:

traceroute yahoo.com (on a linux box)

or

tracert yahoo.com (on a windows box)

take the IP address on the second line, that should be the IP address of your antenna.

I just seriously doubt it that your "antenna" would have an IP address (it probably just plays the role of a modem).

Link to comment
Share on other sites
H@L0_F00 Newbie

H@L0_F00

Posted
Posted

Sounds like Satellite Internet I think. Traceroute wouldn't work though since he cannot obtain an IP address in the first place. Wouldn't setting his NIC into monitor mode and connecting directly to the 'antenna' (which sounds like it acts like a modem to me, as well) allow all traffic to be seen and logged? There should be some form of traffic going through it, right?

Link to comment
Share on other sites
shawty Newbie

shawty

Posted
Posted

So let me get this right.

You've had a router installed that has wifi on it, but you don't know the wifi key, so you need to connect to the router using a lan cable. At this point, the router gives you a connection, so you can get onto the internet. But you don't want to get onto the internet via having to be cabled, you want your puter/lappy to connect to the router via WiFi so u can connect to the internet without being tethered?

If so then all we need to do is advise on the best way to sniff the wiFi password using aircrack (or similar) ( i don't know how this shit works in the states :-) )

If what your after however, is to get into the routers config panel to reconf it then sorry dude, your gonna have to fact reset it as stated above.

Cheers

Shawty

Link to comment
Share on other sites
beakmyn Newbie

beakmyn

Posted
Posted

Sounds like a Social engineering attempt to me. You're willing to waste a day on trying to get around things, which may not work, when all it takes is a 30min phone call?

Hi this Bob, you techs installed my broadband and failed to provide me with the default password for the wifi. Can you tell me what that is?

Link to comment
Share on other sites
proskater123 Newbie

proskater123

Posted
  • Author
Posted
Sounds like a Social engineering attempt to me. You're willing to waste a day on trying to get around things, which may not work, when all it takes is a 30min phone call?

Hi this Bob, you techs installed my broadband and failed to provide me with the default password for the wifi. Can you tell me what that is?

Tryed that. I think my cat that sleeps on my keyboard knew more than them. They want me to take the router to them and let them redo it. I have found my wireless key (was the same as the first router) but the web console password is not the same. So I would still love to get that in order to port forward and everything.

Link to comment
Share on other sites
ssmithisme Newbie

ssmithisme

Posted
Posted

So.....

your router is configured to have a static internet ip address? and if you hit the reset button you have to give it this address manually.

if this is the case. go to http://whatsmyip.org/ and that is your internet IP address.

write it down, hit the reset button on your router, log in and put that address back in as the internet address

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...