Where is the router/firewall ??!!!!!

This topic contains 5 replies, has 3 voices, and was last updated by  cyber.spirit 6 years, 2 months ago.

  • Author
    Posts
  • #8398
     cyber.spirit 
    Participant

    Hey my best friends

    i am in middle of a pentest for my cousins company and iam using ISSAF according to hackingdojo shodan.
    i’ve done these phases:

    -Passive info gathering
    -network mapping:
       

    • identifying live hosts (ok)
    • TCP/UDP Port scanning (OK)
    • Banner Grabbing (OK)
    • P/A OS Guessing (OK)

    but now i am in identifying router or firewall stage. i performed a traceroute to the target but after some hops i see all stars because those hops doesn’t respond to ICMP packets. now what? how can i identify routers?? pLEaaAse help!!

  • #52776
     cyber.spirit 
    Participant

    Wait Wait Wait!!!
    The problem is solved i have found a 20 range of their public ip address, seven of the are up 5 of that 7 are servers with alot of same configs and 2 of that 7 are Cisco devices there is no open TCP ports on that two but nmap aggressive scanning says tat they are cisco devices

    now tell me please

    1- how can i find which of them is router or switch?
    2- how can i which network they are routing

    please help i have complete the project three days later. thanks

  • #52777
     Grendel 
    Participant

    It may not matter. The purpose of identifying the customer’s routers and switches is to see if you can attack an administrative port (ssh, telnet, and/or snmp). Otherwise, just keep moving on.

    BTW, we discuss that in the Nidan class.

  • #52778
     cyber.spirit 
    Participant

    @grendel wrote:

    It may not matter. The purpose of identifying the customer’s routers and switches is to see if you can attack an administrative port (ssh, telnet, and/or snmp). Otherwise, just keep moving on.

    BTW, we discuss that in the Nidan class.

    Hi Thomas.
    How are you? Thanx for your help i know that, your are right and i don’t know cisco hacking but i am really curious to know what those devices are i think they are routers not firewalls but why they dont have any open ports. Anyway thanks i’ll go to the next stage

  • #52779
     dynamik 
    Participant

    Switches and routers are Layer-2 and -3 devices, respectively, and do not use TCP or UDP ports to operate. Anything at a higher level than the frame or packet is simply seen as the data payload.

  • #52780
     cyber.spirit 
    Participant

    @ajohnson wrote:

    Switches and routers are Layer-2 and -3 devices, respectively, and do not use TCP or UDP ports to operate. Anything at a higher level than the frame or packet is simply seen as the data payload.

    Well, Well, yup that is right TCP/UDP ports are for higher levels in osi or tcp/ip models and i already know that. As i mentioned before they are using cisco stuff and It’s better to configure your Cisco device to accept the ssh or at-least telnet connections for later configs because the router/switch is in server room there is so cold and it is hard to config the switch using consol cable, that is why i thought it’s strange for a router. anway thanks for your info.

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?