Basic Network Hacking

[r4v37t]

I'm new in networking hacking, BackTrack, and Metasploit. If I have case like picture above show, in that case show I'm an attacker and I want attack target PC where the target have connected to modem. So target use modem IP while connect to internet.

My question is how I attack target PC from my device(attacker device), if I use BackTrack and Metasploit and what concept using for attack the target?

[Sparda]

Send the user an email that gets them to go to your evil web page.

[r4v37t]

Send the user an email that gets them to go to your evil web page.

Makes target connect to our IP Address?

So, I must collect information to know what vuln exist. It's right?

If it's right, what the best way to get more information on the target?

As I know, target use IP Address from a modem so if I scan, it's scan the modem not the target PC.

[digip]

What you ask, is anything but basic. If you want basics, first learn about networking, in general. understand the concepts of the OSI model, specifically layer 2 and 3. Understand subnets and subnetting, and how a subnet mask plays a role into what machines you can reach on the same network segment and how it divides them up, so they can't talk to one another.

Here is the thing. Your modem, unless also acts as a router, is not accessible from the internet. In rare cases, this is not true, when the modem is also say, a wireless access point. The reason being, is that the modem is a sort of bridge between the ISP and the end users network. It works on the DOCSIS standard, and will forward DHCP and network data over itself between the ISP and the subscribers local network. Because of this, you can't access say, my cable modem, unless 1, you are the ISP, or 2, you are part of my internal network. The modem, for the most part, will always have a lan side IP of 192.168.100.1. This IP talks to your PC or your router, and hands off information from the ISP on their behalf. So when you scan the internet for vulnerable desktop machines, you are only ever going to be able to hit either 1, their router, 2, a machine that is does not use a router and is directly connected through the modem, or 3, behind a router but put in a DMZ or has port forwarding set for different services.

The IP is associated with either the subscribers router, or their desktop/laptop/internet ready device(s) (such as an xbox, blueray dvd players, netflix devices, etc) and not the modem itself.

Understand that the modem, speaks to the ISP, and has a LAN bound IP of 192.168.100.1, while on the ISP side, it speaks to a CMTS which it identities itself to by its MAC address, not an IP address you can reach from the internet. The modem is transparent in the scenario, unless its a dual device that is both a DOCSIS device, and router/nat type device in one.

[r4v37t]

What you ask, is anything but basic. If you want basics, first learn about networking, in general. understand the concepts of the OSI model, specifically layer 2 and 3. Understand subnets and subnetting, and how a subnet mask plays a role into what machines you can reach on the same network segment and how it divides them up, so they can't talk to one another.

May be that is my problem, many resource that I got it's in not my language(I mean all source is in English). And many of resource which in my language, it's not more help me much.

After all, thanks for help me out.

Regards,

[digip]

May be that is my problem, many resource that I got it's in not my language(I mean all source is in English). And many of resource which in my language, it's not more help me much.

After all, thanks for help me out.

Regards,

Regardless of language, every country that has an IT department, has courses on networking, books, etc. Invest in some reading material, or look up things on sites in your own native language, whatever that may be. I'm sure it would make more sense to read things in your native language than trying to also have to understand the same thing in english. Learning the fundamentals of networking should be accessible in any language if you look in the right place. Go to your local book stores or book sellers online in your native language.

[r4v37t]

Regardless of language, every country that has an IT department, has courses on networking, books, etc. Invest in some reading material, or look up things on sites in your own native language, whatever that may be. I'm sure it would make more sense to read things in your native language than trying to also have to understand the same thing in english. Learning the fundamentals of networking should be accessible in any language if you look in the right place. Go to your local book stores or book sellers online in your native language.

Ok, I start reading again and keep asking more, thanks for the right way out.

Regards,

[Infiltrator]

Ok, I start reading again and keep asking more, thanks for the right way out.

Regards,

You can also find lots of information on Google too.

[Nocta]

Create a DNS server. Hack into your neighbor's wireless network. Enter his router's config and change the primary DNS IP.

That's simple to start. It has its dificulties but it's quite funny and interesting.

For me, the best and easier way to get started.

[Infiltrator]

Create a DNS server. Hack into your neighbor's wireless network. Enter his router's config and change the primary DNS IP.

That's simple to start. It has its dificulties but it's quite funny and interesting.

For me, the best and easier way to get started.

Yes, very easy and simple to get started but if you are not careful enough you will get burnt very badly. I've seen cases of people, doing what you did and it didn't end up too well for them.

Edited August 17, 2011 by Infiltrator

[Nocta]

Yes, very easy and simple to get started but if you are not careful enough you will get burnt very badly. I've seen cases of people, doing what you did and it didn't end up too well for them.

Yeah, you can get caught but it's not that simple. I mean, you can set it up for a couple of days and that's it. I mean, you won't have your computer as a DNS for ever. But you'll get caught sooner or later, no matter what.

Besides, maybe in the US could be a problem but in other third-world-countries law is not as advanced as technology.

I hope you understand what I meant.

[Infiltrator]

Yeah, you can get caught but it's not that simple. I mean, you can set it up for a couple of days and that's it. I mean, you won't have your computer as a DNS for ever. But you'll get caught sooner or later, no matter what.

Besides, maybe in the US could be a problem but in other third-world-countries law is not as advanced as technology.

I hope you understand what I meant.

Well, you are speaking to someone who used to live in a third world country. So yeahh, I understand what you mean perfectly well.

[Nocta]

Well, you are speaking to someone who used to live in a third world country. So yeahh, I understand what you mean perfectly well.

Hahaha, I still live in a third world country.

Plus, a regular user is not that intelligent. He doesn't care about how if it works as long as it works.

[r4v37t]

Hahaha, I still live in a third world country.

Plus, a regular user is not that intelligent. He doesn't care about how if it works as long as it works.

Hahaha, same like in my country they doesn't care about the system it works as long as it works and specs isn't bad

[Infiltrator]

Hahaha, same like in my country they doesn't care about the system it works as long as it works and specs isn't bad

I used to think the same way about computer specs but nowadays I think differently, plus not everyone in a third world country can afford to buy an expense computer. That's one of the main reasons, why they rather buy something simple that they can use.

Not trying to offend anyone in here, but the life condition for those who live and work in a third world country can be very difficult and stressful.

[Nocta]

I used to think the same way about computer specs but nowadays I think differently, plus not everyone in a third world country can afford to buy an expense computer. That's one of the main reasons, why they rather buy something simple that they can use.

Not trying to offend anyone in here, but the life condition for those who live and work in a third world country can be very difficult and stressful.

It's not that expensive. You don't need an i7 or Xeon processor. A DNS Server could work fine on a P3 with 512MB RAM. You just need to plug a wireless dong to the server with the right drivers.

And hey, no offense taken! I know the situation in my country and the other ones.

Hahaha, same like in my country they doesn't care about the system it works as long as it works and specs isn't bad

That's what I tried to mean. I work at a help desk and I can tell you, people here don't care how it works, as long as it works.

When you try to do something new to work better, they just say "Don't change anything if it's working right".

Edited August 26, 2011 by Nocta