No Client For Fake Auth + Questions

Data that travels over the air and how to protect (or decipher) it

No Client For Fake Auth + Questions

Post by DarkStarX on Sun Mar 06, 2011 1:22 am
([msg=54710]see No Client For Fake Auth + Questions[/msg])

I recently picked up linux and found my way onto the air suite and during my "experiments" I encounterd a problem.


If the mac address is filterd its possible to change your MAC to cooperate with AP? Right?
thats done by using the clients MAC to make adjustments. Once in, then can run deauth or w.e and put it work.

how ever my problem occurs here. There are no clients on the AP so its only shows the filterd MAC. Anyway around this?

also, how to i resolve a MAC into IP ? Thanks
DarkStarX
New User
New User
 
Posts: 4
Joined: Sun Mar 06, 2011 1:12 am
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by msbachman on Sun Mar 06, 2011 1:50 am
([msg=54711]see Re: No Client For Fake Auth + Questions[/msg])

Changing a MAC address is easy enough; just do a google search for it. I think it's some switch on ifconfig...I'm unsure if it's identical for wireless but give that a shot.

If the mac address is filterd its possible to change your MAC to cooperate with AP? Right?


Yes, assuming you have some way to distinguish between a filtered/nonfiltered MAC address. Someone else might have a better way other than trying all potential MAC addresses; that sounds insane, though I don't really have the experience with such to say it's not feasible.

also, how to i resolve a MAC into IP ? Thanks


That sounds like an inverse arp. I don't know much beyond that though. Someone who stayed awake during networking classes might be able to tell you how that could help you find out a MAC to try in conjunction with the change of your MAC address. :lol:
"I'm going to get into your sister. I'm going to get my hands on your daughter."
~Gatito
User avatar
msbachman
Contributor
Contributor
 
Posts: 681
Joined: Mon Jan 12, 2009 10:22 pm
Location: In the sky lol
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by fashizzlepop on Sun Mar 06, 2011 1:54 am
([msg=54712]see Re: No Client For Fake Auth + Questions[/msg])

If the AP restricts my MAC and there are no other connections you see other than yourself, you're pretty much SOL unless you break into the router and can find the ones that are allowed. Also, once you connect to the AP you will be able to find which MACs are holding which internal IPs.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by DarkStarX on Sun Mar 06, 2011 4:07 pm
([msg=54734]see Re: No Client For Fake Auth + Questions[/msg])

ok and im having a hard time figuring out what part of the MAC is suppose to be changed for AP access

if im correct the first 4 digits are HW ID? and the rest are for AP ?
also, once i have the client and all the goodies , how do i resolve MAC to IP for Netcat?
thanks for all the help
DarkStarX
New User
New User
 
Posts: 4
Joined: Sun Mar 06, 2011 1:12 am
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by Assassian360 on Sun Mar 06, 2011 6:06 pm
([msg=54738]see Re: No Client For Fake Auth + Questions[/msg])

DarkStarX wrote:how do i resolve MAC to IP for Netcat?


You won't be able to resolve MAC to IP address for anything outside your local subnet. Your MAC address is never broadcast outside the local subnet, so there is no means of getting an IP directly based on the MAC.
Assassian360
Poster
Poster
 
Posts: 135
Joined: Sat Jun 26, 2010 1:37 am
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by insomaniacal on Sun Mar 06, 2011 9:08 pm
([msg=54743]see Re: No Client For Fake Auth + Questions[/msg])

Not to mention, IP addresses are either static (Pre-set) or dynamic (Router assigns whatever is in range and available), MAC addresses really shouldn't affect the IP at all, unless someone has implemented a poorly thought out authentication system of identifying hardware based on the MAC.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by DarkStarX on Sun Mar 06, 2011 9:51 pm
([msg=54744]see Re: No Client For Fake Auth + Questions[/msg])

So what your saying is... ?

Even tho I can access An AP and read the MAC of each client and AP there is no way to use that information for port scans?

I guess ill explain what im tryin to do. Me and the roommate been having "dorm-wars" aswell as the neighbors and Im looking to mess with their PC's a little. Even if its just pulling some Data like passwords and history to tape on his front door. Show him who the champ is . I was under the impression from the 20000 scattered articles and tutorials I can use airsuite to make my way into the AP and/or use the client mac address to gain IP which i could use to port scan and then ide figure it out from there lol. Apparently im way off. Any tips or something im over lookin? Maybe some good articles to help my understanding? The internet is riddled with tons of garbage and most is for Win OS . Im using Ubuntu 10.10 and my network card is capable of Packet Injection. and... Decyphering packets? how can i turn that to data? Thanks very much for the help everyone and bearing with the script kiddie questions lol. I appreciate it
DarkStarX
New User
New User
 
Posts: 4
Joined: Sun Mar 06, 2011 1:12 am
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by insomaniacal on Sun Mar 06, 2011 11:00 pm
([msg=54745]see Re: No Client For Fake Auth + Questions[/msg])

Identifying another computers MAC address could only be helpful if the Access Point only allows certain MAC addresses to connect to it. You could spoof it and so be allowed to connect.

However, if you can connect to the AP, and you want to do port scans, you should look into Nmap. There's tons of tutorials online regarding how to perform different kinds of scans, but getting a crude,quick map of the network would just take the following (or similar) command:

Code: Select all
nmap 192.168.2.*


Once you've identified what ports are open on what computers, you can look for possible exploit routes.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by DarkStarX on Mon Mar 07, 2011 3:14 am
([msg=54750]see Re: No Client For Fake Auth + Questions[/msg])

Riiight.. now were talking. If the MAC is filtered how can you spoof to match? Do You Need a Client for the process of bypassing the filtering?

ya i got nmap but the problem lies here , all i have is a Filterd Mac. and even with an unfilterd mac, which gives me access to the AP, how do I find IP's Of pcs connected to the same AP ? i should be able to pull a list of IPs being used by the AP once connected right? How could i do it on my PC? I also have a roommate (evil laugh)

Again I appreciate every bit of information you have given me, and im sure im over my head in most aspects so I wouldnt dare to ask someone to break it all down into detail but if you have links on some things i should certainly know ....then that would be helpful.
DarkStarX
New User
New User
 
Posts: 4
Joined: Sun Mar 06, 2011 1:12 am
Blog: View Blog (0)


Re: No Client For Fake Auth + Questions

Post by insomaniacal on Mon Mar 07, 2011 8:19 am
([msg=54767]see Re: No Client For Fake Auth + Questions[/msg])

I couldn't tell you how to spoof the MAC off the top of my head, but for read this article for some basic techniques of determining IP addresses.

As for your MAC address problem, the instructions under "Step 2", Here might help.
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)



Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests