Penetration Testing mailing list archives
RE: Lan access via wifi
From: "John Forristel (SunGard-Chico)" <John.Forristel () sungardbi-tech com>
Date: Mon, 6 Jun 2005 11:19:24 -0700
I would do a few things:

I would fire up a good sniffer (tcpdump, etc.) and see what kind of traffic is coming across. Is it Windows only? Novell?

I would run NMAP against the whole subnet and see what is really open. There must be something to talk to, otherwise there is no point in having the DMZ.

Depending on the machines I found, I would enumerate them and see if they were routers, PCs, etc.

I would check for null or same-as-login passwords.

Using just \\ipaddress\ probably wouldn't work very well; I'd be trying to create a null session with "net use \\ipaddress\ipc$ " and see if that gets you a response. If I got there, I would use a variety of tools to discover other information about the machines.

I'd make sure I documented all of these tests; that is a major issue.

John

-----Original Message-----
From: Sherwyn Williams [mailto:sherwill22 () tmail com]
Sent: Monday, June 06, 2005 3:47 AM
To: pen-test () securityfocus com
Subject: Lan access via wifi

Scenario:

Doing a pentest, the client has a wifi router that is not encrypted and is giving out DHCP addresses to any wifi client with a compatible card. Now my question is: once I received an IP address, and I pinged a few internal clients, what would be a good way for me to gain access to this internal network? I tried //ipaddress/ because there is no machine name in the DHCP routing table. Could not connect that way. I even tried to open up certain ports by putting the machine on the router DMZ and did a scan with the security features disabled, but still there are no open ports.

Thanks in advance.

Sherwyn Williams
Technical Consultant
(917) 650-5139
Sherwill22 () tmail com