Jump to content

odd wireless config.

B34ST1Y

By B34ST1Y
in Questions

 Share

Recommended Posts

B34ST1Y Newbie

B34ST1Y

Posted
Posted

ok, so my college has a setup for wifi, that the students are able to surf the net, do whatever basically....but when you first try to access it (the internet....or any webpage for that matter) it automatically redirects you to a login page on the intranet. I dont have a username or password, and for circumstances beyond my control (no I didnt do anything bad) they wont issue me a student login. :cry: ....ANYWAY

I've attempted to sniff up the packets with ethereal, watching carefully the redirecting going on from >firefox>www.google.com>login page and I just cant tell how the network tech's got it set up. the login is SSL secured, and I HAVE ARP poisoned the gateway with each client (I dont really want to STEAL a user/pass....I really wanna see how this thing is SET UP, because it appears to be very intricate) Also, being the x86 skript kid that I am....using Cain and Abel, (for arp and password sniffing) used the routing table it gave me, and I got a TON of other gateways and router/switches on other subnets, [EIGRP]....so I already figured I was delving into something that was obviously not intended to be seen.

I suppose my question is this: Is anyone familiar with this type of authentication? web based login for internet access?

any help would be much obliged

~ B34ST

Link to comment
Share on other sites
armadaender Newbie

armadaender

Posted
Posted

My school has much the same set up for accessing the wireless connection. They've got is set up for DNS redirect but for fear of getting into trouble I have yet to play around with those (a friend of mine is now on disciplinary probation for port scanning the blackboard servers trying to find holes). I'm still suprised how observant they were to notice that, figured they would have better things to do with their time.

All I know is that if your school uses blackboard, your name and password for that server will most likely be the same for accessing the wireless connection.

As for finding any hard information for how the infrastructure is set up, I would hunt around google for dns redirecting and see if anyone has published any information regarding how it works. Good luck

Link to comment
Share on other sites
moonlit Newbie

moonlit

Posted
Posted

I gotta say, I do despise the way schools and colleges handle people like us... instead of giving us a chance or maybe just once imagining that we'd poked around in more of a white-hat manner they just ban you or even expell you... I have had enough experience of school IT diciplinary action to know how harsh they are and more often than not, they don't even give you the chance to explain why or how you came to be doing whatever you'd done...

ho-hum, it's an Admin's job to be harsh/suspicious I s'pose, so...

Link to comment
Share on other sites
Sparda Newbie

Sparda

Posted
Posted

It's quite easy to not get cought when atempting to find vunrabilitys in networks. I would say bring in your own laptop and a battaty powered switch, 'jack in' in to the network in a quiet place and vwela, asuming no one sees/understands whats on your screen you are fine. Best to of course appear to be doing work while you are waiting for scan results. The other option of course is to boot PHLAK or Whoppix onto a computer and use that. I'v done that a few times at college, not got cought yet ;).

Link to comment
Share on other sites
armadaender Newbie

armadaender

Posted
Posted

Very true, my friend never really took the time to learn about erasing one's tracks and was dumb enough to log onto the wireless network (using his OWN name) and started poking around. He was the dumb one here and I'm suprised the chief admin didn't give him shit for being so stupid. But, I made sure he knew how foolish he was once he told me about the incident.

Oh well, live and learn.

used the routing table it gave me, and I got a TON of other gateways and router/switches on other subnets, [EIGRP]....so I already figured I was delving into something that was obviously not intended to be seen.

I would dive into this from a secure location (like how Sparda suggested) and poke around the final destination of the user's requests. The junk in between there and the ap is practically useless. I just did a similar test from the lounge of my hall using my unregistered laptop running knoppix std, and stumbled upon a shit ton of random switches, routers, and hubs that spanned across the campus. Interestingly enough (and stupid on my schools part); I noticed that half of the teachers' classroom computers can be easily accessed from the dorms and remote accessed just as easily. I'm debating whether or not to share this with the admins.

Funny part is, I remember my high school's network being more secure.

Back on track, if you can figure out what software that end server is running, then you can easily find everything you ever wanted to know about how it works from just about anywhere. Hell, the school's tech site may have it posted. Mine's got their main servers (web mail, blackboard) with their corresponding os' posted for eveyone to see. No hacking required

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...