Colin J Posted September 30, 2023 Share Posted September 30, 2023 Hi , Recently I was testing kali linux tools on wifi networks , and i have succeeded in getting the keys for some of these networks , after getting in i usually try first IP in range so i can get to the router page and locate the gateway easily , for others i needed additional tools to analyze the network and scan it to find the router . But for one of these networks , i saw a different scenario and it goes like this : - When i try to monitor the network using airmon-ng or Kismet or any other tools , i find that the mac for the AP is XX:XX:XX:XX:90:12 which belongs to TP-LINK. - After getting the hand shake and cracking the password , and joining the network and trying to located the router "XX:XX:XX:XX:90:12" i can't find it on the network at all !!! - Instead i find another gateway with different mac address "XX:XX:XX:XX:5B:CC" which belongs to RouterBOARD ! tried a lot of tools to monitor or scan the network or to create a broadcast to fill the arp table , i can find the devices along with mac and ip addresses ,but not for the AP with the mac "XX:XX:XX:XX:90:12" !! , also tried to get to the router page by domain names such "tplinkwifi.net" or "tplinklogin.net" ,but still no luck at all . so my problem is the main router doesn't appear on the network for some reason is there anything that i can do in such situation to get the ip of the this device so i can find the router login page ?! Regards Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted September 30, 2023 Share Posted September 30, 2023 To little info, and what says that the gateway uses the same MAC as the AP? And... I assume that you have permission to crack those networks... Quote Link to comment Share on other sites More sharing options...
DramaKing Posted September 30, 2023 Share Posted September 30, 2023 4 hours ago, dark_pyrro said: To little info, and what says that the gateway uses the same MAC as the AP? And... I assume that you have permission to crack those networks... If he did, he would have said so. Sounds like a cracker. He's wasting his time here and would be better off on a blackhat forum. Anyway, default gateways must be router ports. I think what is happening is that he cracked an AP on a subnet that doesn't have access to the router management page, or the web interface is disabled as one can do in RouterOS on commercial routers. Quote Link to comment Share on other sites More sharing options...
Colin J Posted October 6, 2023 Author Share Posted October 6, 2023 On 9/30/2023 at 6:59 PM, dark_pyrro said: To little info, and what says that the gateway uses the same MAC as the AP? And... I assume that you have permission to crack those networks... On 9/30/2023 at 11:50 PM, DramaKing said: If he did, he would have said so. Sounds like a cracker. He's wasting his time here and would be better off on a blackhat forum. Anyway, default gateways must be router ports. I think what is happening is that he cracked an AP on a subnet that doesn't have access to the router management page, or the web interface is disabled as one can do in RouterOS on commercial routers. Yes I'm fully authorized to work on this network for test purposes only. The AP is a tplink router , so it should have and ip address and also it should appear on the local network , but it doesn't ! Regards Quote Link to comment Share on other sites More sharing options...
DramaKing Posted October 6, 2023 Share Posted October 6, 2023 19 minutes ago, Colin J said: Yes I'm fully authorized to work on this network for test purposes only. The AP is a tplink router , so it should have and ip address and also it should appear on the local network , but it doesn't ! Regards OK, granted, but it's clear that you did not crack the router. The Mikrotik RouterBOARD that I have does not have a WAP built-in. The TP-Link would have been just a WAP or wireless bridge. If you check your ARP cache, you should find that MAC address. You won't be able to find it by domain name because that only works if you have the TP-Link set as your DNS server. Try router.lan for the router. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.