Idk_Man Posted June 18, 2020 Share Posted June 18, 2020 *For educational purposes* What is the next step after a clients access point password has been found? I've been spinning around in circles and can't seem to figure out where to go from here. Can anyone please point me in the right direction? Or maybe point me to another forum/website that would help? Thanks guys! Quote Link to comment Share on other sites More sharing options...
Aaron Outhier Posted June 21, 2020 Share Posted June 21, 2020 That kind of depends on what you hope to accomplish. Before getting directions to your destination, it helps to have a clear destination in mind. It should be easy enough to connect to the target network now, but if that’s not your intended outcome, then that is little help. Quote Link to comment Share on other sites More sharing options...
Idk_Man Posted June 22, 2020 Author Share Posted June 22, 2020 Yes, I can connect to the client's access point, but besides that, can anything else be done with that information? Perhaps stage a future attack against the client in the future? Quote Link to comment Share on other sites More sharing options...
Aaron Outhier Posted June 23, 2020 Share Posted June 23, 2020 15 hours ago, Idk_Man said: Yes, I can connect to the client's access point, but besides that, can anything else be done with that information? Perhaps stage a future attack against the client in the future? Once you are connected to the AP, you can access the other connected devices. In an real-life Pen test, for example, someone within a particular company would hire you to conduct a cyber attack on the company. There would be certain criteria given, such as certain machines being off-limits, or perhaps you are given a specific attack or task to perform, etc. Anyhow, in order to prove that you have accomplished the assigned task, you often retrieve data specific the the machine or machines in question, such as specific files stored there, or a list of passwords stored therein, etc. To be honest, I’ve never done a real Pen test, so my understanding of what goes on in one is limited. A tool such as nmap can be used to scan the network for attached devices. Before I go any further, I want to point-out and remind everyone, that running these kinds of tests, even for “educational purposes” is illegal if you perform them on someone else’s equipment without permission of someone who owns, manages, or maintains said equipment, and has the authority to give such permission. Lastly, as I tried to to say earlier, where you go next depends on your ultimate destination. I understand that you don’t have a destination yet, but rather are expressing curiosity as to the possibilities. I’m just saying, if you want more specific answers, it helps to ask more specific questions... 🤪 1 Quote Link to comment Share on other sites More sharing options...
Aaron Outhier Posted June 23, 2020 Share Posted June 23, 2020 On 6/18/2020 at 1:04 AM, Idk_Man said: Can anyone please point me in the right direction? Or maybe point me to another forum/website that would help? Thanks guys! For security & hacking forums, try https://forums.kali.org/ Quote Link to comment Share on other sites More sharing options...
Quintox Posted June 26, 2020 Share Posted June 26, 2020 Kudos to you Aaron Outhier, for helping the community! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.