Jump to content

Packet sniff router information


proskater123

Recommended Posts

congrats_retard.jpg

Sniffing the traffic without someone logging in will not give you the ROUTER ADMIN password.

Google gods we need ye mighty powa!

inpage:"hydra bruteforce how to"

amen

haha jesus finally i get to the end of the thread and someone finally gets it. i was gonna shoot myself there for a second reading through fail post after fail post.

proskater you need to get a little more familiar with your networking setup because when you start asking questions and calling things cat5 or coaxial cable antennas it confuses people and they arent sure what youre actually trying to do.

but yes like dingleberries said no amount of arp spoofing or packet sniffing is going to catch the wep key or get you the admin password for the router configs. the only way that would work is if you are sniffing traffic and someone logs into the router, then you can cap the plaintext username and password. but it dosnt sound like anyone in your setup is going to be doing that anytime soon, so youll just be sitting there sniffing nonsense all day long.

Link to comment
Share on other sites

Two things you could try. One, get the MAC address of the router, and then make your pc that same MAC address, then connect to the network without the router and see what traffic goes back and forth. This might be difficult depending on your knowledge of how to change it, but you can do this easily in Linux, or through your wifi card in windows. Ethernet cards in windows can be changed, but would require you to either edit the registry or use a thrid party app, both of which are not the most desired method.

its actually very easy to change the mac address of your wireless nic or your ethernet nic in windows and dosnt require any registry modifications at all, this dosnt work on all chipsets but it works on most. a few are ralink, broadcom, atheros, and realtek depending on the driver. you just go into the advanced configuration of your network adapter and change the mac. its usually listed as network address or locally administered mac address.

macchange_1.jpg

quizimg.png

Link to comment
Share on other sites

Dumb question, but do you own the router? Because if you do(and not rent it from them) I wouldn't be so willing to hand it over to them, ot take it to them for configuration only to have them lock you out of it. What is to stop them from putting custom firmware on it and set up their own VPN, back door, etc. Just reset the damn thing already and call customer service to set it back up if you can't figure it out on your own.

Link to comment
Share on other sites

I doubt its anything exciting like a VPN or magical backdoor, i think whoever set this up is just trying to make a fast buck. If you want to see how the router is talking to whatever doohicky it is that gives you internet access, tap the connection (tcpdump -p -i eth0 for instance). This should give you enough information to reset the device and configure it again with your password and the correct settings (ie any authentication, the IP's used, netmask etc). If you can't figure that out, call your ISP and ask for the settings (ie your paying for the service). If you can't do that then your not telling us everything. This entire process should take about 15 mins including a fag break.

Link to comment
Share on other sites

@Dingleberries, Yep I forgot what the point of discussion was. I thought we were going after his ISP authentication crendentials. Hydra should work but I've seen Zyxel's that will detect the brute force attempt and block you.

Like Vako said the interceptor should be able to see the authentication traffic. Plug it in, reboot the router and which will force it to reconnect and you should be able to grab the credentials or least get a better idea of what's going. The only way you'll get the admin password at this point is by bruteforcing it on the router. Heck for giggles see if it's the MAC address or serial number.

Other then that do a hard reset and hope for the best.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...