Jump to content

Recommended Posts

*For educational purposes*

What is the next step after a clients access point password has been found? I've been spinning around in circles and can't seem to figure out where to go from here.

Can anyone please point me in the right direction? Or maybe point me to another forum/website that would help?

Thanks guys!

Share this post


Link to post
Share on other sites

That kind of depends on what you hope to accomplish. Before getting directions to your destination, it helps to have a clear destination in mind.

 

It should be easy enough to connect to the target network now, but if that’s not your intended outcome, then that is little help.

Share this post


Link to post
Share on other sites

Yes, I can connect to the client's access point, but besides that, can anything else be done with that information? Perhaps stage a future attack against the client in the future?

Share this post


Link to post
Share on other sites
15 hours ago, Idk_Man said:

Yes, I can connect to the client's access point, but besides that, can anything else be done with that information? Perhaps stage a future attack against the client in the future?

Once you are connected to the AP, you can access the other connected devices.
 

In an real-life Pen test, for example, someone within a particular company would hire you to conduct a cyber attack on the company. There would be certain criteria given, such as certain machines being off-limits, or perhaps you are given a specific attack or task to perform, etc. Anyhow, in order to prove that you have accomplished the assigned task, you often retrieve data specific the the machine or machines in question, such as specific files stored there, or a list of passwords stored therein, etc.

To be honest, I’ve never done a real Pen test, so my understanding of what goes on in one is limited.

A tool such as nmap can be used to scan the network for attached devices.

Before I go any further, I want to point-out and remind everyone, that running these kinds of tests, even for “educational purposes” is illegal if you perform them on someone else’s equipment without permission of someone who owns, manages, or maintains said equipment, and has the authority to give such permission.

Lastly, as I tried to to say earlier, where you go next depends on your ultimate destination. I understand that you don’t have a destination yet, but rather are expressing curiosity as to the possibilities. I’m just saying, if you want more specific answers, it helps to ask more specific questions... 🤪

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...