troubles with wireless pentest

From: zcrips xrabbitz (zcrips_xrabbitz@hotmail.com)
Date: Wed Jun 23 2004 - 04:56:55 EDT


hi everyone,
      i have been taking on my first large and blind wireless pentest and i
have nearly become lost in the jaws of a wireless network and would
appreciate any help. first i'lll state what i have so far done and seen

the network was encrypted but with wep and large traffic so i was able to
bruteforce the key
The network in focus is quite large with multiple subnets and lots of
“firewalls”

These I did.

Using kismet I sniffed a whole lot of packets. And decoded them with the
found wep key

Then using my conventional ettercap and ethereal I looked through the
packets.
i sniffed a lot more with ettereal and looked through them for a similar mac
address but all packets
had i local (destination) ip and mac address

Now The Problem.

I tried to connect to the net work

I used a nice ip to match one on the network
(8.5) i changed mac addresses to match the host i was spoofing.

then i tried to route packets to another client
which failed with the network unreachable error
i tried a traceroute to my target client but it failed too with the same
error

i used ettercap to passively watch traffic and came up with a comprehensive
list of ip/mac addresses and tried to spoof most of them but still my
packets didn't get routed
i tried using etterape to watch traffic flow and come up with a route but i
figure out that nearly all traffic was internal most hosts were connecting
to each other

HELP:
    HOW CAN I ROUTE PACKETS THROUGH TO OTHER CLIENTS OR BECOME A CLIENT
OR IS THERE A BETTER WAY I COULD DO THIS WHOLE PENTEST FROM THE BEGINING
PLS ANY HELP WOULD BE APPRECIATED.

ZIPPERS CRIPS

_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:56 EDT