Post Connection Attacks

Sophisticated attacks that can be used after connecting to the target AP.

Gathering Information

Now that we are connected to a specific AP, we can gather more detailed info about the clients connected to this AP. There is a number of programs that can be used to do this, we shall talk about 3 programs starting with the simplest and quickest one.

· Netdiscover

Netdiscover is a program that can be used to discover the connected clients to our current network, it's very quick but it does not show detailed information about the clients: IP, MAC address and some times the hardware manufacturer for the client's wireless card.

netdiscover -i [INTERFACE] -r [RANGE]

Netdiscover 0.5.1 [Active/passive ARP reconnaissance tool]
Written by: Jaime Penalba <jpenalbae@gmail.com>

Usage: netdiscover [-i device] [-r range | -l file | -p] [-m file] [-F filter] [-s time] [-c count] [-n node] [-dfPLNS]
-i device: your network device
-r range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
-l file: scan the list of ranges contained into the given file
-p passive mode: do not send anything, only sniff
-m file: scan a list of known MACs and host names
-F filter: customize pcap filter expression (default: "arp")
-s time: time to sleep between each ARP request (milliseconds)
-c count: number of times to send each ARP request (for nets with packet loss)
-n node: last source IP octet used for scanning (from 2 to 253)
-d ignore home config files for autoscan and fast mode
-f enable fastmode scan, saves a lot of time, recommended for auto
-P print results in a format suitable for parsing by another program and stop after active scan
-L similar to -P but continue listening after the active scan is completed
-N Do not print header. Only valid when -P or -L is enabled.
-S enable sleep time suppression between each request (hardcore mode)

If -r, -l or -p are not enabled, netdiscover will scan for common LAN addresses.

· Autoscan

Autoscan is another program that can be used to discover the connected clients to our current network, it's not as quick as netdiscover, but it shows more detailed information about the connected devices and it has a graphical user interface.

Download autoscan from: https://sourceforge.net/projects/autoscan/files/AutoScan/autoscan-network%201.50/AutoScan-Network-1.50.pkg.zip/download

-> Install autoscan

->Chose the installation directory

->Complete the installation and set the Network Wizard.

Ethical Hacking - NETWORK PENETRATION TESTING(12)的更多相关文章

  1. Ethical Hacking - NETWORK PENETRATION TESTING(15)

    ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of ...

  2. Ethical Hacking - NETWORK PENETRATION TESTING(22)

    MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administa ...

  3. Ethical Hacking - NETWORK PENETRATION TESTING(14)

    MITM - ARP Poisoning Theory Man In The Middle Attacks - ARP Poisoning This is one of the most danger ...

  4. Ethical Hacking - NETWORK PENETRATION TESTING(13)

    Nmap Nmap is a network discovery tool that can be used to gather detailed information about any clie ...

  5. Ethical Hacking - NETWORK PENETRATION TESTING(11)

    Securing your Network From the Above Attacks. Now that we know how to test the security of all known ...

  6. Ethical Hacking - NETWORK PENETRATION TESTING(10)

    WPA Craking WPA was designed to address the issues in WEP and provide better encryption. The main is ...

  7. Ethical Hacking - NETWORK PENETRATION TESTING(8)

    WEP Cracking Basic case Run airdump-ng to log all traffic from the target network. airodump-ng --cha ...

  8. Ethical Hacking - NETWORK PENETRATION TESTING(7)

    Gaining Access to encrypted networks Three main encryption types: 1. WEP 2.WPA 3.WPA2 WEP Cracking W ...

  9. Ethical Hacking - NETWORK PENETRATION TESTING(5)

    Deauthentication Attacks Theory This attack is used to disconnect any device from any network within ...

随机推荐

  1. Java 从入门到进阶之路(二十四)

    在之前的文章我们介绍了一下 Java 中的  集合框架中的Collection 的泛型,本章我们来看一下 Java 集合框架中的Collection 的子接口 List. Collection 接口有 ...

  2. C++_继承

    C++支持单继承和多继承,并提供3类继承:public.private及protected.在public继承中,每个派生类对象都是基类对象,反之基类对象却不是派生类对象.派生类成员无法直接访问基本的 ...

  3. Python 网络爬虫实战:爬取 B站《全职高手》20万条评论数据

    本周我们的目标是:B站(哔哩哔哩弹幕网 https://www.bilibili.com )视频评论数据. 我们都知道,B站有很多号称“镇站之宝”的视频,拥有着数量极其恐怖的评论和弹幕.所以这次我们的 ...

  4. Area.js下载

    因为vant AddressEdit 地址编辑的必要组件area.js网站经常进不去,所以存在这里,area.js 代码如下: export default { province_list: { 11 ...

  5. egret.sys.TextNode

    class Test extends egret.Shape{ protected textNode:egret.sys.TextNode; constructor(){ this.width = t ...

  6. CListBOX 用法

    ListBox的操作比较简单: 1添加数据 声明控件变量的类别为Control,变量类型为CListBox,变量名为m_ListBox_Content. m_ListBox_Content.AddSt ...

  7. Nginx 从入门到放弃(一)

    Nginx nginx的使用场景 静态资源服务 通过本地文件系统提供服务 反向代理服务 nginx的强大性能 缓存 负载均衡 API服务 OpenResty nginx优点 高并发.高性能 可扩展性好 ...

  8. 收藏python开发各种资源官方文档

    http://json.cn/ https://cn.bing.com/ https://processon.com/ https://docs.djangoproject.com/en/1.11/r ...

  9. 记一次服务器被植入挖矿木马cpu飙升200%解决过程

    线上服务器用的是某讯云的,欢快的完美运行着Tomcat,MySQL,MongoDB,ActiveMQ等程序.突然一则噩耗从前线传来:网站不能访问了. 此项目是我负责,我以150+的手速立即打开了服务器 ...

  10. 轻松搞定安全框架(Shiro)

    SpringBoot 是为了简化 Spring 应用的创建.运行.调试.部署等一系列问题而诞生的产物,自动装配的特性让我们可以更好的关注业务本身而不是外部的XML配置,我们只需遵循规范,引入相关的依赖 ...