Re: troubles with wireless pentest

From: Max (mmo@remote-exploit.org)
Date: Thu Jun 24 2004 - 15:09:18 EDT

• Next message: Thompson, Jimi: "RE: Limited vs full blown testing"
• Previous message: Martin Maèok: "Re: Limited vs full blown testing"
• In reply to: zcrips xrabbitz: "troubles with wireless pentest"
• Next in thread: Max: "Re: troubles with wireless pentest"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Well just dont focus on the WEP breaking stuff, just take over the
clients. During all of my tests, the client side was completely
unprotected, or at least not as good as it should be.

Take a look at my tool hotspotter at http://www.remote-exploit.org.
If you dont got a good linux box running, you can take the auditor
security collection
cdrom and boot from there, it has the hotspotter including a big
hotspot profile list.
get it from http://www.moser-informatik.ch.

Additionally when it is eap-tls, get the user and the domain and use it
to bruteforce on dial-in.

well basically just try to be more creative, dont waste to much time on
WEP.

Greetings

Max

• Next message: Thompson, Jimi: "RE: Limited vs full blown testing"
• Previous message: Martin Maèok: "Re: Limited vs full blown testing"
• In reply to: zcrips xrabbitz: "troubles with wireless pentest"
• Next in thread: Max: "Re: troubles with wireless pentest"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:57 EDT