Mitm Wifi

[joeypesci]

Probably a simple question for others but not me. I understand a MITM attack, what I'm a little lost is my own home setup. I have my Vigor router that also has WIFI. Various machines on the network all connected wired. If I do a sniff in C&A from the wired machine it shows me all MAC address' it finds on the network. If I do the same sniff on the laptop via WIFI I get nothing. No MAC address, nothing. Means I then can't target other test machines on the network to do the MITM attack.

Any ideas?

[digip]

Does your router implement AP Isolation, either turned on by default or automatically with no option to disable? Also, many routers these days will separate the wifi from the wired into different subnets or as a guest network, which makes it so they can't see each other from wired to wireless.

Make sure your wireless card is selected in Cain on your laptop and the Winpcap drivers are installed properly. In Cain, make sure the check box for all tests is enabled then try the scan again.

Edited April 24, 2011 by digip

[joeypesci]

It's a Draytek Vigor2800VG. You can turn on AP Isolation for specific WIFI devices that connect to it, mine laptop isn't one of them so I can access everything else on the network from the laptop. The ESXi box, the VMs, the NAS drives. But just doing a scan in Cain doesn't bring anything up. And I've selected the wifi card in Cain and the Winpcap drivers are installed. Just updated Cain and Winpcap but made no difference.

[joeypesci]

This is probably why then :)

http://img269.imageshack.us/i/49285750.jpg/

Had this before and never seemed to be able to fix it. I also note it states it only supports ethernet. So doesn't that mean it doesn't support WIFI?

10.0.0.105 is the WIFI card.

Edited April 24, 2011 by joeypesci

[joeypesci]

Looks like it might be an issue with Cain. Finally fixed this issue after all these years. This never came up when did a search before

http://oxid.netsons.org/phpBB3/viewtopic.php?f=8&t=4222

Changed reg key to 0 and it's fixed it and now I get the MAC addresses on a scan.

That's pretty strange... you are running Cain with administrative privileges right? If so, you can try editing the value directly in the registry. It's located under HKEY_CURRENT_USER/Software/Cain/Settings within your registry. ensure Spoofing is set to 0.

For anyone else with the issue I'm on Windows 7 Ultimate 64bit.

[joeypesci]

Would be nice to be able to edit the titles on these threads. I'd like to put FIXED at the end of the title for anyone else who runs into the issue.

[digip]

Weird. Never seen that problem before. Only thing I've ever run into is trying to run it right after installing and not seeing my network card until after a reboot.

[Infiltrator]

Just out of curiosity, your wireless router is it on the same subnet as the wired network?

Do both networks share the same ip address scheme.

10.0.0.X or 192.168.1.x

Edited April 25, 2011 by Infiltrator

[joeypesci]

Yep, everything is on the

10.0.0.x range

Cause it's easier to type :)

[Infiltrator]

Yep, everything is on the

10.0.0.x range

Cause it's easier to type :)

I have a feeling that, your wireless card does not support raw monitoring mode.

It could explain why you are experiencing difficulties seeing other wireless devices mac addresses.

[joeypesci]

Erm, but doing the registry fix in post 5 has fixed it. It's a Alfa, the one that's in the pineapple, minus the pineapple.

[Infiltrator]

Erm, but doing the registry fix in post 5 has fixed it. It's a Alfa, the one that's in the pineapple, minus the pineapple.

Interesting never tried cain and able on Win 7 before. Anyway, thanks for pointing out the registry fix, i must have misread your post.