Neill Young, posted March 9, 2012:
I've seen lots of documentation on WPA/WEP cracking, but nothing on becoming admin on a network. Can anyone point me to an article on it?
digip, posted March 10, 2012:
Not being sarcastic, but start with Google or use the search feature on the forums.
combatwombat27, posted March 10, 2012 (edited March 10, 2012 by combatwombat27):
1. I AM VERY SORRY, I was posting from my phone and messed up posting 3 times. If an admin can remove the other two posts I would be grateful.
Domain Network Privilege Escalation: a high level overview
compromise a system on the network
keylog that system and wait for a user with admin permissions to use it
or compromise a server and do the same thing
or compromise the domain controller and add an admin acc
or change the pass on an old dormant account and give that account domain privileges.
Remember this: Humans are creatures of habit and laziness. It is likely that one user, even with multiple accounts for multiple things, will use the same password or a simple variation. The same goes for someone's regular and privileged accounts.
This is not an all-inclusive list, just some of the basics. Using these ideas it should be easier for you to look up guides/information.
This was written for a domain due to the fact that there is no single admin account on standard home style workgroup/homegroup networks. There may be an account with the same name and password on several computers, but they are still different accounts due to all accounts being local. On local networks, if you can control one box you can do quite a few things, such as ARP cache poisoning and reading people's packets. With a foothold in one computer you can nmap the rest of the network to see what is available for attack. It isn't admin on the network, but it is the best position to start at in simple networks.
REMEMBER: if it isn't your network and you don't have permission, even privilege escalation can get you in a ton of trouble. I provide information only for learning in theoretical/legal tests/situations.
Infiltrator, posted March 10, 2012:
Metasploit is definitely one way to gain admin privileges. The other way would be creating a local user account using a Live CD. You could do a MITM attack on the network and sniff for passwords. This one would be extremely illegal and I DO NOT recommend, install a keylogger on the target PC.
Neill Young (thread author), posted March 10, 2012:
So there's no way to brute force the router for the info?
digip, posted March 10, 2012:
> So there's no way to brute force the router for the info?
Routers contain info for the router, not the workstation/server admin logins. Maybe we misunderstood what you are after, but a router password does not give you access to the workstations themselves unless the admin used the same password in both places. You would need to leverage access on the network to attack the workstations/servers on the network themselves, and so long as you can access the same network, you don't even need the router password to do this.
digininja, posted March 10, 2012:
Two great resources: http://www.securitytube.net/ and http://www.offensive-security.com/metasploit-unleashed/Main_Page
Neill Young (thread author), posted March 10, 2012:
I want to be able to access the options on a router (I.E. DNS server, MAC address blocking, SSID,...) the whole 192.168.1.1 thing
digip, posted March 10, 2012:
> I want to be able to access the options on a router (I.E. DNS server, MAC address blocking, SSID,...) the whole 192.168.1.1 thing
Then you need to be part of the same network first (unless the admin page is accessible to the internet, which it shouldn't but might be by default), and access the admin page for the router, by either brute force or some other flaw.
digininja, posted March 10, 2012:
Is this your AP you are attacking?
Atomix, posted March 11, 2012:
> I want to be able to access the options on a router (I.E. DNS server, MAC address blocking, SSID,...) the whole 192.168.1.1 thing
As another member has said, in order to do that you will need to be on the network. First step is coming up with the network password; there are a million guides all over the internet dedicated to this. Once you have the password, join the network and then you will need to open up the router's web page, usually something like 192.168.0.1, 192.168.1.1 and so on depending on the local IP you are assigned. Then you can **sometimes** get in using the default router logins, which can also be found with a simple Google search. However, this only applies if the administrator of the network has not changed it. If they have, then your best bet is using other tools while on the network to try and gather possible passwords, because once again humans are creatures of habit so the passwords are usually the same for everything. Keep in mind if you do not have permission to access the network, all of this is against the law and obviously frowned upon.
Infiltrator, posted March 11, 2012:
> I want to be able to access the options on a router (I.E. DNS server, MAC address blocking, SSID,...) the whole 192.168.1.1 thing
Go to CMD, type ipconfig and look for the default gateway IP address, assuming your computer is on the same subnet as the router, then type the IP address of the gateway inside a web browser and press enter. Your browser should prompt you for a username and password. If it doesn't, then the administrator must have disabled remote administration or it can only be accessed locally via a serial cable physically connected to a computer. If it does prompt you, you will need to figure out what the administrator username/password are. You could try brute forcing it, plenty of tools on the internet. I'd do a Google search for "HTTP brute forcers".