Post Connection Attacks

Sophisticated attacks that can be used after connecting to the target AP.

Gathering Information

Now that we are connected to a specific AP, we can gather more detailed info about the clients connected to this AP. There is a number of programs that can be used to do this, we shall talk about 3 programs starting with the simplest and quickest one.

· Netdiscover

Netdiscover is a program that can be used to discover the connected clients to our current network, it's very quick but it does not show detailed information about the clients: IP, MAC address and some times the hardware manufacturer for the client's wireless card.

netdiscover -i [INTERFACE] -r [RANGE]

Netdiscover 0.5.1 [Active/passive ARP reconnaissance tool]
Written by: Jaime Penalba <jpenalbae@gmail.com>

Usage: netdiscover [-i device] [-r range | -l file | -p] [-m file] [-F filter] [-s time] [-c count] [-n node] [-dfPLNS]
-i device: your network device
-r range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
-l file: scan the list of ranges contained into the given file
-p passive mode: do not send anything, only sniff
-m file: scan a list of known MACs and host names
-F filter: customize pcap filter expression (default: "arp")
-s time: time to sleep between each ARP request (milliseconds)
-c count: number of times to send each ARP request (for nets with packet loss)
-n node: last source IP octet used for scanning (from 2 to 253)
-d ignore home config files for autoscan and fast mode
-f enable fastmode scan, saves a lot of time, recommended for auto
-P print results in a format suitable for parsing by another program and stop after active scan
-L similar to -P but continue listening after the active scan is completed
-N Do not print header. Only valid when -P or -L is enabled.
-S enable sleep time suppression between each request (hardcore mode)

If -r, -l or -p are not enabled, netdiscover will scan for common LAN addresses.

· Autoscan

Autoscan is another program that can be used to discover the connected clients to our current network, it's not as quick as netdiscover, but it shows more detailed information about the connected devices and it has a graphical user interface.

Download autoscan from: https://sourceforge.net/projects/autoscan/files/AutoScan/autoscan-network%201.50/AutoScan-Network-1.50.pkg.zip/download

-> Install autoscan

->Chose the installation directory

->Complete the installation and set the Network Wizard.

Ethical Hacking - NETWORK PENETRATION TESTING(12)的更多相关文章

  1. Ethical Hacking - NETWORK PENETRATION TESTING(15)

    ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of ...

  2. Ethical Hacking - NETWORK PENETRATION TESTING(22)

    MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administa ...

  3. Ethical Hacking - NETWORK PENETRATION TESTING(14)

    MITM - ARP Poisoning Theory Man In The Middle Attacks - ARP Poisoning This is one of the most danger ...

  4. Ethical Hacking - NETWORK PENETRATION TESTING(13)

    Nmap Nmap is a network discovery tool that can be used to gather detailed information about any clie ...

  5. Ethical Hacking - NETWORK PENETRATION TESTING(11)

    Securing your Network From the Above Attacks. Now that we know how to test the security of all known ...

  6. Ethical Hacking - NETWORK PENETRATION TESTING(10)

    WPA Craking WPA was designed to address the issues in WEP and provide better encryption. The main is ...

  7. Ethical Hacking - NETWORK PENETRATION TESTING(8)

    WEP Cracking Basic case Run airdump-ng to log all traffic from the target network. airodump-ng --cha ...

  8. Ethical Hacking - NETWORK PENETRATION TESTING(7)

    Gaining Access to encrypted networks Three main encryption types: 1. WEP 2.WPA 3.WPA2 WEP Cracking W ...

  9. Ethical Hacking - NETWORK PENETRATION TESTING(5)

    Deauthentication Attacks Theory This attack is used to disconnect any device from any network within ...

随机推荐

  1. MySQL的使用方法和视图、索引、以及存储过程的一些简单方法

    一,基本概念 1, 常用的两种引擎:         (1) InnoDB        a,支持ACID,简单地说就是支持事务完整性.一致性:         b,支持行锁,以及类似ORACLE的一 ...

  2. Java学习笔记6(集合类)

    集合类 集合按照其存储结构可以分为两大类,即单列集合Collection和双列集合Map. Collection:单列集合类的根接口,用于存储一系列符合某种规则的元素,有List和Set两个重要子接口 ...

  3. mysql主从同步失败 Relay log read failure: Could not parse relay log event entry

    mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQ ...

  4. 手把手教你使用Python生成图灵智能小伙伴,实现工作助手/闲聊功能

    /1 前言/ 在家闲着,做个小项目,基于Python,实现一个语聊小机器人,分享给大家.项目整体比较简单,官方文档介绍的非常详细,可快速上手. /2 目标/ 将图灵机器人放到桌面,实现工作助手/陪聊功 ...

  5. idea的maven项目无法引入junit类

    本机:java版本:1.8 pom中是junit版本:4.12 出现问题:在使用@Test 无法引入 : org.junit.Test; 解决方法:junit在pom.xml改为 4.12-beta- ...

  6. hello python week one

    python的注释 好的pytho程序员不一定非要追求 代码的简短,代码的可读性也是至关重要的 与用户交互 输入 input 会将输入内容转化为字符串 输出 print 格式化输出 %d %s 占位符 ...

  7. ThinkPHP5生成二维码图片与另一张背景图片进行合成

    1.PHP方法 public function do_qrcode(){ Vendor('Qrcode.phpqrcode'); Vendor('Qrcode.Compress'); $object ...

  8. 入门大数据---Hbase协处理器详解

    一.简述 Hbase 作为列族数据库最经常被人诟病的特性包括:无法轻易建立"二级索引",难以执 行求和.计数.排序等操作.比如,在旧版本的(<0.92)Hbase 中,统计数 ...

  9. 理解与使用Javascript中的回调函数 -2

    在javascript中回调函数非常重要,它们几乎无处不在.像其他更加传统的编程语言都有回调函数概念,但是非常奇怪的是,完完整整谈论回调函数的在线教程比较少,倒是有一堆关于call()和apply() ...

  10. 解决SELinux阻止Nginx访问服务

    在使用 yum 安装 nginx 后可能会出现配置完成后却无法访问的问题,查看 audit.log 会发现类似于以下的错误信息 出现此问题的原因是 SELinux 基于最小权限原则默认拦截了 Ngin ...