Wjat to do if there is no DHCP

korek · Post by **korek** » Tue Jan 24, 2006 10:41 pm

What to do if there is no DHCP on target network.
how to get defalut gateway(i think you can sniff that one), subnet mask and DNS?
i

Post by **pozican** » Wed Jan 25, 2006 1:35 am

Absolutely -- SNIFF SNIFF SNIFF baby!

Should find subnet / gateway easily

DNS? Queries will probably show up too...

korek · Post by **korek** » Wed Jan 25, 2006 10:28 am

ok but how do i know where to look, what filters (in ethereal) should i use
to extract DNS and subnet mask (i can get gateway already)

tgo · Post by **tgo** » Wed Jan 25, 2006 4:59 pm

If you mean that you are on a wireless network then most likely the default gateway is the router itself so trying pinging 192.168.1.1 or 192.168.2.1 as most router will install with this ip.

if you cant find it by guessing comming ip's address then you have to sniff like pozican said.

spidr_mnky · Post by **spidr_mnky** » Fri Jan 27, 2006 7:41 pm

If the network isn't too sensitive to this kind of thing, you can speed up the sniffing process by generally harassing the broadcast address with pings, or whatever type of traffic you want to see who is responding to. If it appears that the server in question is set to ignore broadcast packets, you can just flood the whole range of addresses until you get a response (assuming you sniffed enough to know the first two or, preferably, three octets). Nmap is good for that.

Edit: Saw that you're curious about analyzing more than generating results...off-hand, I think the subnet mask should be part of any given packet, and the DNS server is often the same as the gateway.

vladimirnb · Post by **vladimirnb** » Sat Jan 28, 2006 10:21 am

I am newbie.I am interest how to hack my wireless provider.when I open internet explorer I have login screen were I put my username and password.I don t now what i need to find username and password of other peoples.My provider don t have any security.(like wep,wap)

Post by **netphreak** » Sat Jan 28, 2006 6:12 pm

You've posted this twice within a day... You're not helping your position.

Ramius · Post by **Ramius** » Sun Jan 29, 2006 12:40 pm

If you know what router type the wireless device is, then go to the manufacturers web site and find the configuration guide that is posted on the site and find the defualt configuration settings for you box.

If it is unknown, then a net stumbler runn might tell you what type it is as well as channel info and IP address.

There are several tools on the WHAX and AUDITOR cd/dvd that will be helpful and the nice thing is that you will not need to install Linux to make them work.

Also, for the sniffer, if DNS runs on port 53, then you will not need a filter, just let it run for about a min and then sort all of the traffic based on the port.

Dont forget to search through broadcast and non broadcast traffic as each will tell you different, but equally important information.

RK

korek · Post by **korek** » Wed Feb 01, 2006 4:20 pm

thank you for all replyes
i have an auditor installed on my hd and atheros based wifi card.
I have another questions.
How to sort the trafic by port in ethereal?
what is broadcast and non broadcast traffic? (i didn't realize there is a difrent) and how to split it in ethereal
sory for lame questions but i have bought a wifi card and i'm learning now

korek · Post by **korek** » Wed Feb 01, 2006 4:27 pm

One more question.
How it is posible that, after spoffed mac to valid one , i can use instant messenger (gadu gadu) but i can't browse network, use webbrowser and e-mail client.
i can't explain that why one program have access to internet others not...

korek · Post by **korek** » Thu Feb 09, 2006 7:11 pm

nevermind i forgot change settings of firewall after upgrading it