Can't Find Router's IP

[Colin J]

Hi , 

Recently I was testing kali linux tools on wifi networks , and i have succeeded in getting the keys for some of these networks ,  after getting in i usually try first IP in range so i can get to the router page and locate the gateway easily , for others i needed additional tools to analyze the network and scan it to find the router .

But for one of these networks , i saw a different scenario and it goes like this :

- When i try to monitor the network using airmon-ng or Kismet or any other tools , i find that the mac for the AP is XX:XX:XX:XX:90:12 which belongs to TP-LINK. 

- After getting the hand shake and cracking the password , and joining the network and trying to located the router "XX:XX:XX:XX:90:12" i can't find it on the network at all !!! 

- Instead i find another gateway with different mac address "XX:XX:XX:XX:5B:CC" which belongs to RouterBOARD !

 

tried a lot of tools to monitor or scan the network  or to  create a broadcast  to fill the arp table , i can find the devices along with mac and ip addresses ,but not for the AP with the mac "XX:XX:XX:XX:90:12" !!  , also tried to get to the router page by domain names such "tplinkwifi.net" or "tplinklogin.net" ,but still no luck at all . 

so my problem is the main router doesn't appear on the network for some reason is there anything that i can do in such situation to get the ip of the this device so i can find the router login page ?! 

 

Regards 

[dark_pyrro]

To little info, and what says that the gateway uses the same MAC as the AP?

And... I assume that you have permission to crack those networks...

[DramaKing]

4 hours ago, dark_pyrro said:

To little info, and what says that the gateway uses the same MAC as the AP?

And... I assume that you have permission to crack those networks...

If he did, he would have said so. Sounds like a cracker. He's wasting his time here and would be better off on a blackhat forum. 

Anyway, default gateways must be router ports. I think what is happening is that he cracked an AP on a subnet that doesn't have access to the router management page, or the web interface is disabled as one can do in RouterOS on commercial routers. 

[Colin J]

On 9/30/2023 at 6:59 PM, dark_pyrro said:

To little info, and what says that the gateway uses the same MAC as the AP?

And... I assume that you have permission to crack those networks...

 

On 9/30/2023 at 11:50 PM, DramaKing said:

If he did, he would have said so. Sounds like a cracker. He's wasting his time here and would be better off on a blackhat forum. 

Anyway, default gateways must be router ports. I think what is happening is that he cracked an AP on a subnet that doesn't have access to the router management page, or the web interface is disabled as one can do in RouterOS on commercial routers. 

Yes I'm fully authorized to work on this network for test purposes only.
The AP is a tplink router , so it should have and ip address and also it should appear on the local network , but it doesn't ! 

Regards 

[DramaKing]

19 minutes ago, Colin J said:

 

Yes I'm fully authorized to work on this network for test purposes only.
The AP is a tplink router , so it should have and ip address and also it should appear on the local network , but it doesn't ! 

Regards 

OK, granted, but it's clear that you did not crack the router. The Mikrotik RouterBOARD that I have does not have a WAP built-in. The TP-Link would have been just a WAP or wireless bridge. If you check your ARP cache, you should find that MAC address. You won't be able to find it by domain name because that only works if you have the TP-Link set as your DNS server. 

Try router.lan for the router.