cable.html

黑客培训教程

<br><b>&lt;TracerT></b> so there will be a lecture on ASCII
<br><b>&lt;TracerT></b> ?
<br><b>&lt;Leper></b> :)
<br><b>&lt;mikestevens></b> you would hijack copperd's IP
<br><font color="#FF0000">*** TracerT is now known as [T]racer[T]</font>
<br><b>&lt;Matt></b> cheese crackers?
<br><b>&lt;mikestevens></b> and log onto IRC as him
<br><b>&lt;mikestevens></b> and start takeing back all the crackers he
gave out
<br><font color="#FF0000">*** Quits: SpiderMan (Ping timeout)</font>
<br><b>&lt;mikestevens></b> and not impersonate an admin
<br><font color="#FF0000">*** Joins: ToRmEnThOr</font>
<br><b>&lt;mikestevens></b> well anyways
<br><b>&lt;mikestevens></b> onto the cool part
<br><font color="#FF0000">*** Joins: MasJCrasJ</font>
<br><font color="#FF0000">*** Joins: SpiderMan</font>
<br><font color="#FF0000">*** ChanServ sets mode: +o SpiderMan</font>
<br><b>&lt;mikestevens></b> intercepting downsteam traffic
<br><font color="#FF0000">*** mikestevens sets mode: +m</font>
<br><b>&lt;Sup|ED-209|Craft></b> this is better then school lecture, why
not make 'BSRF School' ? :P
<br><b>&lt;mikestevens></b> first thing first
<br><b>&lt;Matt></b> mikestevens, are there any time when you can't become
the stealer?
<br><b>&lt;Matt></b> bobbie: node position?
<br><b>&lt;Ralph></b> later
<br><font color="#FF0000">*** Quits: Ralph (Quit: Leaving)</font>
<br><b>&lt;mikestevens></b> Matt: when you are not on the same router
<br><font color="#FF0000">*** Quits: K1llabee (Connection reset by peer)</font>
<br><font color="#FF0000">*** MasJCrasJ is now known as _MasjCrasj-</font>
<br><b>&lt;mikestevens></b> routers cover alot of ground though
<br><b>&lt;mikestevens></b> usually a few mile range
<br><b>&lt;Sup|ED-209|Craft></b> mikestevens: so the data to the IP that
is not be used, goes to the router?
<br><b>&lt;mikestevens></b> so people at school, neighbors, etc are all
potential victims
<br><b>&lt;mikestevens></b> that slut next door
<br><b>&lt;mikestevens></b> etc...
<br><font color="#FF0000">*** mikestevens sets mode: -m</font>
<br><b>&lt;Matt></b> mikestevens, I was under the impression most cable
companies cluster their routers and create a mesh network?
<br><b>&lt;Sup|ED-209|Craft></b> later ppl
<br><b>&lt;mikestevens></b> Sup|ED-209|Craft: I don't really understand
what you said
<br><b>&lt;Sup|ED-209|Craft></b> i will xplain later
<br><font color="#FF0000">*** Quits: _MasjCrasj- (Quit: )</font>
<br><b>&lt;mikestevens></b> Matt: they have local routers and link them
with FDDI
<br><b>&lt;Sup|ED-209|Craft></b> later
<br><font color="#FF0000">*** Quits: Sup|ED-209|Craft (Quit: )</font>
<br><b>&lt;mikestevens></b> then the FDDI ring goes to the local datacenter
<br><font color="#FF0000">*** Joins: nebunu</font>
<br><font color="#FF0000">*** Quits: SileNceR (Ping timeout)</font>
<br><b>&lt;mikestevens></b> anyways onto intercepting traffic if no one
has any more questions / comments
<br><font color="#FF0000">*** mikestevens sets mode: +m</font>
<br><b>&lt;mikestevens></b> ok
<br><b>&lt;mikestevens></b> first we need to know a little more about the
network
<br><b>&lt;Matt></b> afk
<br><b>&lt;mikestevens></b> you have the cable router, your cable modem/router,
and your PC
<br><b>&lt;mikestevens></b> the cable modem is nothing more than a bridge
<br><b>&lt;mikestevens></b> meaning it sees traffic on both sides and seamlessly
forwards as needed
<br><b>&lt;[T]racer[T]></b> there gonna be an lecture on streamz here?
<br><b>&lt;[T]racer[T]></b> *stringz
<br><font color="#FF0000">*** Joins: K3rNEL[PAn1C]</font>
<br><font color="#FF0000">*** Parts: nebunu</font>
<br><font color="#FF0000">*** Joins: Pupp3tM</font>
<br><font color="#FF0000">*** ChanServ sets mode: +v Pupp3tM</font>
<br><b>&lt;mikestevens></b> the 3100 surfboard has a webserver which you
can play with from inside your network
<br><b>&lt;mikestevens></b> http://192.168.100.1/
<br><b>&lt;mikestevens></b> I found the IP by sniffing
<br><b>&lt;mikestevens></b> and I saw IGMP traffic coming from that IP
<br><b>&lt;mikestevens></b> so I browsed to it
<br><b>&lt;mikestevens></b> anyways, the bridge is based on MAC addresses
<br><font color="#FF0000">*** Quits: Pupp3tM (Quit: )</font>
<br><b>&lt;mikestevens></b> so if it sees your MAC behind the bridge it
will let in traffic that is destined to that MAC
<br><b>&lt;mikestevens></b> the outside has no clue what is going on with
the Cable modem
<br><b>&lt;mikestevens></b> another issue
<br><b>&lt;mikestevens></b> not all cable modems will detect the MAC how
mine does
<br><b>&lt;mikestevens></b> you may have to try arp packets to fool it
into it
<br><b>&lt;mikestevens></b> I will provide both ways here
<br><b>&lt;mikestevens></b> so onto the interception
<br><b>&lt;mikestevens></b> first you want to find the targets MAC
<br><b>&lt;mikestevens></b> get onto their subnet
<br><b>&lt;mikestevens></b> and ping them or something
<br><b>&lt;mikestevens></b> then do an arp -an and write down their MAC
<br><b>&lt;mikestevens></b> also do an ifconfig -a and write down your
MAC
<br><b>&lt;mikestevens></b> it is best to hard boot your cable modem at
this point
<br><font color="#FF0000">*** Quits: Prophecy2K1 (Ping timeout)</font>
<br><b>&lt;mikestevens></b> that way it clears the memory of MACs
<br><b>&lt;mikestevens></b> this is done by pressing the little reset button
in the back or however you documentation says so
<br><b>&lt;mikestevens></b> it should take a few minutes up to 30 to get
back on
<br><b>&lt;mikestevens></b> so in the time being
<br><b>&lt;mikestevens></b> you want to stop all services
<br><b>&lt;mikestevens></b> then bring down eth0
<br><b>&lt;mikestevens></b> then type this with the target's MAC in place
of it
<br><b>&lt;mikestevens></b> ifconfig eth0 hw ether 00:00:00:00:00:00
<br><b>&lt;mikestevens></b> bring the interface up with your IP address
and normal settings
<br><b>&lt;mikestevens></b> add your default gateway
<br><b>&lt;mikestevens></b> and ping the router a few times till it works
<br><b>&lt;mikestevens></b> take back down the interface
<br><b>&lt;mikestevens></b> and bring it up again with your settings
<br><b>&lt;mikestevens></b> start up your services again
<br><b>&lt;mikestevens></b> and ping the router again to make sure your
are on
<br><b>&lt;mikestevens></b> you should now be getting the target's downstream
traffic
<br><font color="#FF0000">*** Joins: Prophecy2K1</font>
<br><font color="#FF0000">*** Quits: Matt (Ping timeout)</font>
<br><b>&lt;mikestevens></b> you can use all your fun sniffer tools to invade
their privacy,etc...
<br><b>&lt;mikestevens></b> I will open up a Q&amp;A section while I get
the code mods for the ARP section
<br>*** mikestevens sets mode: -m
<br><b>&lt;mikestevens></b> any questions?
<br><font color="#FF0000">*** Joins: UraniumD</font>
<br><b>&lt;[T]racer[T]></b> yes
<br><b>&lt;mikestevens></b> ok
<br><b>&lt;Ellis_D></b> does the person whose traffic we are stealing have
a way of knowing we are doing this?
<br><font color="#FF0000">*** Parts: UraniumD</font>
<br><b>&lt;ToRmEnThOr></b> i think so
<br><font color="#FF0000">*** Joins: MosdestMouse</font>
<br><b>&lt;mikestevens></b> no
<br><b>&lt;[T]racer[T]></b> NM
<br><b>&lt;mikestevens></b> they can't see it
<br><b>&lt;shellfish></b> i havnt follow this very well, but is this secure?
are the cops gonna come knocking on your door or what?
<br><b>&lt;ToRmEnThOr></b> no?
<br><b>&lt;mikestevens></b> your cable modem silently passes on the traffic
to you
<br><b>&lt;Ellis_D></b> hm
<br><b>&lt;mikestevens></b> probally not
<br><b>&lt;ToRmEnThOr></b> cool
<br><b>&lt;mikestevens></b> unless someone checks on your cablemodem
<br><b>&lt;mikestevens></b> hijacking is a little riskier
<br><b>&lt;[T]racer[T]></b> and what if someone does it?
<br><b>&lt;mikestevens></b> they will probally just think the cable is
out
<br><b>&lt;mikestevens></b> interception is less risky
<br><b>&lt;mikestevens></b> well first they have to prove you did it on
purpose,etc
<br><b>&lt;[T]racer[T]></b> but if noone sees my cabel modem?
<br><b>&lt;mikestevens></b> but if you don't tell anyone they probally
will never know
<br><b>&lt;[T]racer[T]></b> hehe
<br><b>&lt;mikestevens></b> actually if you bring up the interface (when
you are using their MAC as your MAC)
<br><b>&lt;mikestevens></b> with a local IP
<br><b>&lt;mikestevens></b> sometimes the CM will see that
<br><b>&lt;[T]racer[T]></b> but on some External cabel modems there is
a way to connect to the modem
<br><b>&lt;[T]racer[T]></b> from the local machine
<br><b>&lt;[T]racer[T]></b> and check what's up there
<br><b>&lt;mikestevens></b> and there will be no traffic hitting the real
network (cable network)
<br><b>&lt;[T]racer[T]></b> *in there
<br><b>&lt;Edrin></b> well, in this case you are using spoofed MACs and
spoofd IPs on the "same cable" so it would be extremly dificult for others
to find you (well, if there are only 2 computers on the cable... anyway:
police does not know what an arp table is
<br><font color="#FF0000">*** Joins: Nokio</font>
<br><b>&lt;[T]racer[T]></b> LOL
<br><b>&lt;mikestevens></b> lol
<br><b>&lt;mikestevens></b> good point
<br><b>&lt;Nokio></b> hey guys
<br><b>&lt;mikestevens></b> anyways for the other method of getting your
CM to see you
<br><b>&lt;mikestevens></b> I made a simple mod to arpspoof.c
<br><b>&lt;mikestevens></b> of dsniff
<br><font color="#FF0000">*** Quits: Leper (Quit: Leaving)</font>
<br><b>&lt;mikestevens></b> I commented out the arp_send routine on line
193
<br><font color="#FF0000">*** Quits: gUeSt51 (Quit: Leaving)</font>
<br><b>&lt;SpiderMan></b> DF: I'm going to DCC the linux networking log
to you, ok?
<br><b>&lt;mikestevens></b> you can get the CM to see you like this with
the modified arpspoof
<br><b>&lt;Nokio></b> hey all, is the lecture over?
<br><font color="#FF0000">*** Joins: vanished[coding[</font>
<br><font color="#FF0000">*** Parts: vanished[coding[</font>
<br><b>&lt;mikestevens></b> ./arpspoof -t victimip victimip
<br><b>&lt;mikestevens></b> then controlC it
<br><b>&lt;mikestevens></b> it will send out the needed packets saying
their IP is their MAC
<br><b>&lt;mikestevens></b> but
<br><b>&lt;mikestevens></b> the important part