joeypesci Posted April 24, 2011 Share Posted April 24, 2011 Probably a simple question for others but not me. I understand a MITM attack, what I'm a little lost is my own home setup. I have my Vigor router that also has WIFI. Various machines on the network all connected wired. If I do a sniff in C&A from the wired machine it shows me all MAC address' it finds on the network. If I do the same sniff on the laptop via WIFI I get nothing. No MAC address, nothing. Means I then can't target other test machines on the network to do the MITM attack. Any ideas? Quote Link to comment Share on other sites More sharing options...
digip Posted April 24, 2011 Share Posted April 24, 2011 (edited) Does your router implement AP Isolation, either turned on by default or automatically with no option to disable? Also, many routers these days will separate the wifi from the wired into different subnets or as a guest network, which makes it so they can't see each other from wired to wireless. Make sure your wireless card is selected in Cain on your laptop and the Winpcap drivers are installed properly. In Cain, make sure the check box for all tests is enabled then try the scan again. Edited April 24, 2011 by digip Quote Link to comment Share on other sites More sharing options...
joeypesci Posted April 24, 2011 Author Share Posted April 24, 2011 It's a Draytek Vigor2800VG. You can turn on AP Isolation for specific WIFI devices that connect to it, mine laptop isn't one of them so I can access everything else on the network from the laptop. The ESXi box, the VMs, the NAS drives. But just doing a scan in Cain doesn't bring anything up. And I've selected the wifi card in Cain and the Winpcap drivers are installed. Just updated Cain and Winpcap but made no difference. Quote Link to comment Share on other sites More sharing options...
joeypesci Posted April 24, 2011 Author Share Posted April 24, 2011 (edited) This is probably why then :) http://img269.imageshack.us/i/49285750.jpg/ Had this before and never seemed to be able to fix it. I also note it states it only supports ethernet. So doesn't that mean it doesn't support WIFI? 10.0.0.105 is the WIFI card. Edited April 24, 2011 by joeypesci Quote Link to comment Share on other sites More sharing options...
joeypesci Posted April 24, 2011 Author Share Posted April 24, 2011 Looks like it might be an issue with Cain. Finally fixed this issue after all these years. This never came up when did a search before http://oxid.netsons.org/phpBB3/viewtopic.php?f=8&t=4222 Changed reg key to 0 and it's fixed it and now I get the MAC addresses on a scan. That's pretty strange... you are running Cain with administrative privileges right? If so, you can try editing the value directly in the registry. It's located under HKEY_CURRENT_USER/Software/Cain/Settings within your registry. ensure Spoofing is set to 0. For anyone else with the issue I'm on Windows 7 Ultimate 64bit. Quote Link to comment Share on other sites More sharing options...
joeypesci Posted April 24, 2011 Author Share Posted April 24, 2011 Would be nice to be able to edit the titles on these threads. I'd like to put FIXED at the end of the title for anyone else who runs into the issue. Quote Link to comment Share on other sites More sharing options...
digip Posted April 24, 2011 Share Posted April 24, 2011 Weird. Never seen that problem before. Only thing I've ever run into is trying to run it right after installing and not seeing my network card until after a reboot. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 25, 2011 Share Posted April 25, 2011 (edited) Just out of curiosity, your wireless router is it on the same subnet as the wired network? Do both networks share the same ip address scheme. 10.0.0.X or 192.168.1.x Edited April 25, 2011 by Infiltrator Quote Link to comment Share on other sites More sharing options...
joeypesci Posted April 25, 2011 Author Share Posted April 25, 2011 Yep, everything is on the 10.0.0.x range Cause it's easier to type :) Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 26, 2011 Share Posted April 26, 2011 Yep, everything is on the 10.0.0.x range Cause it's easier to type :) I have a feeling that, your wireless card does not support raw monitoring mode. It could explain why you are experiencing difficulties seeing other wireless devices mac addresses. Quote Link to comment Share on other sites More sharing options...
joeypesci Posted April 27, 2011 Author Share Posted April 27, 2011 Erm, but doing the registry fix in post 5 has fixed it. It's a Alfa, the one that's in the pineapple, minus the pineapple. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted April 28, 2011 Share Posted April 28, 2011 Erm, but doing the registry fix in post 5 has fixed it. It's a Alfa, the one that's in the pineapple, minus the pineapple. Interesting never tried cain and able on Win 7 before. Anyway, thanks for pointing out the registry fix, i must have misread your post. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.