Penetration Testing mailing list archives

RE: Lan access via wifi

From: Erin Carroll <amoeba () amoebazone com>
Date: Mon, 6 Jun 2005 13:47:21 -0400

Just a couple of thoughts:

Meidinger Chris <chris.meidinger () badenit de> wrote ..

And the question after that:

Knowing how to do this is pretty basic for a pentester.


True, but we all had to start somewhere :)

For some of these questions an excellent place to get some pointers and a general overview would be the Security Basics 
list archive which is also on Security Focus. If you need assistance on a particular tool (such as Nessus) there are 
many times mailing lists dedicated for that purpose.

As for the initial questions Sherwyn, I can't really tell from your email if you have active access to the wifi router 
or are doing the pen-test from the outside and are connecting via dhcp to see these internal clients. When you state 
that you put the machine on the dmz for scans are you speaking of your testing box or the unknown machines connected to 
the internal address space?

The reason I ask for the clarification is that, depending on how you are scanning and whether or not there is a *,LAN 
LAN,* ACL on the router, it seems odd that you are getting no open ports whatsoever. At the very least you should 
usually get port 546 (DHCP-client) for these mystery boxes. If you can ping them successfully, a port is open and 
responding. That you get no results during your scans indicates an error in your methodology.


-Erin Carroll

Cheers,

Chris

-----Original Message-----
From: Sherwyn Williams [mailto:sherwill22 () tmail com] 
Sent: Monday, June 06, 2005 12:47 PM
To: pen-test () securityfocus com
Subject: Lan access via wifi

Senerio:

Doing a pentest, the client has a wifi router that is not 
encrypted and 
is gaving out dhcp address to any wifi client with a compatible card.
Now my question is once I received a ip address, and I pinged a few 
internal clients , how would be a good way for me to gain access to 
these internal network.

I tried  //ipaddress/ because there is no machine name in the dhcp 
routing table. Could not connect that way, I even tried to open up 
certain ports via putting the machine on the router dmz and 
did a scan 
with the secuirty features disable, but still there is no open ports.

Thanks in advance.

Sherwyn Williams
Technical Consultant
(917) 650-5139
Sherwill22 () tmail com

Current thread:

RE: Lan access via wifi Meidinger Chris (Jun 06)
- <Possible follow-ups>
- RE: Lan access via wifi Erin Carroll (Jun 06)
- RE: Lan access via wifi John Forristel (SunGard-Chico) (Jun 06)
- RE: Lan access via wifi Todd Towles (Jun 07)
- RE: Lan access via wifi Lohan Spies [ MTN - Agip ] (Jun 07)
- RE: Lan access via wifi Todd Towles (Jun 07)