B34ST1Y Posted April 29, 2006 Share Posted April 29, 2006 ok, so my college has a setup for wifi, that the students are able to surf the net, do whatever basically....but when you first try to access it (the internet....or any webpage for that matter) it automatically redirects you to a login page on the intranet. I dont have a username or password, and for circumstances beyond my control (no I didnt do anything bad) they wont issue me a student login. :cry: ....ANYWAY I've attempted to sniff up the packets with ethereal, watching carefully the redirecting going on from >firefox>www.google.com>login page and I just cant tell how the network tech's got it set up. the login is SSL secured, and I HAVE ARP poisoned the gateway with each client (I dont really want to STEAL a user/pass....I really wanna see how this thing is SET UP, because it appears to be very intricate) Also, being the x86 skript kid that I am....using Cain and Abel, (for arp and password sniffing) used the routing table it gave me, and I got a TON of other gateways and router/switches on other subnets, [EIGRP]....so I already figured I was delving into something that was obviously not intended to be seen. I suppose my question is this: Is anyone familiar with this type of authentication? web based login for internet access? any help would be much obliged ~ B34ST Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 29, 2006 Share Posted April 29, 2006 DNS redirect or HTTP redirect? Quote Link to comment Share on other sites More sharing options...
B34ST1Y Posted April 29, 2006 Author Share Posted April 29, 2006 it LOOKS like DNS redirect Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 29, 2006 Share Posted April 29, 2006 Try changing your DNS server. Quote Link to comment Share on other sites More sharing options...
armadaender Posted April 30, 2006 Share Posted April 30, 2006 My school has much the same set up for accessing the wireless connection. They've got is set up for DNS redirect but for fear of getting into trouble I have yet to play around with those (a friend of mine is now on disciplinary probation for port scanning the blackboard servers trying to find holes). I'm still suprised how observant they were to notice that, figured they would have better things to do with their time. All I know is that if your school uses blackboard, your name and password for that server will most likely be the same for accessing the wireless connection. As for finding any hard information for how the infrastructure is set up, I would hunt around google for dns redirecting and see if anyone has published any information regarding how it works. Good luck Quote Link to comment Share on other sites More sharing options...
moonlit Posted April 30, 2006 Share Posted April 30, 2006 I gotta say, I do despise the way schools and colleges handle people like us... instead of giving us a chance or maybe just once imagining that we'd poked around in more of a white-hat manner they just ban you or even expell you... I have had enough experience of school IT diciplinary action to know how harsh they are and more often than not, they don't even give you the chance to explain why or how you came to be doing whatever you'd done... ho-hum, it's an Admin's job to be harsh/suspicious I s'pose, so... Quote Link to comment Share on other sites More sharing options...
Sparda Posted May 1, 2006 Share Posted May 1, 2006 It's quite easy to not get cought when atempting to find vunrabilitys in networks. I would say bring in your own laptop and a battaty powered switch, 'jack in' in to the network in a quiet place and vwela, asuming no one sees/understands whats on your screen you are fine. Best to of course appear to be doing work while you are waiting for scan results. The other option of course is to boot PHLAK or Whoppix onto a computer and use that. I'v done that a few times at college, not got cought yet ;). Quote Link to comment Share on other sites More sharing options...
moonlit Posted May 1, 2006 Share Posted May 1, 2006 most of my antics were pre-knowledge and for me at least (at school, way back when) it would've been hard not to get caught... :( Quote Link to comment Share on other sites More sharing options...
armadaender Posted May 1, 2006 Share Posted May 1, 2006 Very true, my friend never really took the time to learn about erasing one's tracks and was dumb enough to log onto the wireless network (using his OWN name) and started poking around. He was the dumb one here and I'm suprised the chief admin didn't give him shit for being so stupid. But, I made sure he knew how foolish he was once he told me about the incident. Oh well, live and learn. used the routing table it gave me, and I got a TON of other gateways and router/switches on other subnets, [EIGRP]....so I already figured I was delving into something that was obviously not intended to be seen. I would dive into this from a secure location (like how Sparda suggested) and poke around the final destination of the user's requests. The junk in between there and the ap is practically useless. I just did a similar test from the lounge of my hall using my unregistered laptop running knoppix std, and stumbled upon a shit ton of random switches, routers, and hubs that spanned across the campus. Interestingly enough (and stupid on my schools part); I noticed that half of the teachers' classroom computers can be easily accessed from the dorms and remote accessed just as easily. I'm debating whether or not to share this with the admins. Funny part is, I remember my high school's network being more secure. Back on track, if you can figure out what software that end server is running, then you can easily find everything you ever wanted to know about how it works from just about anywhere. Hell, the school's tech site may have it posted. Mine's got their main servers (web mail, blackboard) with their corresponding os' posted for eveyone to see. No hacking required Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted May 1, 2006 Share Posted May 1, 2006 Look into nocatauth Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.