.

Wireless honeypot

<<

jonas

Newbie
Newbie

Posts: 46

Joined: Mon Jun 08, 2009 9:04 pm

Post Wed Feb 16, 2011 6:54 am

Wireless honeypot

Hi guys,

I've been playing around with cracking my WEP, ARPspoofing and SSLstrip, which is awesome.
However, what if i wanted to "reverse" the process to create a honeypot?  Let's say i create a WEP network, which get hacked, and i would want to identify the hacker by f.example facebook.
Having the router forward all packets incoming on port 80/443 to port 5555 on my computer running SSLstrip/ettercap, which then again forwards the traffic to port 80/443 on my router and out on the internet.  Would that work?  I would like to eliminate the ARPspoof process.

Also, does anyone have any better ideas?  I was thinking of port mirroring but that wouldnt eliminate the SSL if im not mistaken.

Maybe a simple solution is setting up a computer with 2 NIC's?
Last edited by jonas on Wed Feb 16, 2011 6:57 am, edited 1 time in total.
<<

jonas

Newbie
Newbie

Posts: 46

Joined: Mon Jun 08, 2009 9:04 pm

Post Wed Feb 16, 2011 8:04 am

Re: Wireless honeypot

And yeah, i know you can do this by using the ettercap "autoadd" function!  But i don't want arpspoofing at all =)
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Feb 16, 2011 4:41 pm

Re: Wireless honeypot

Why not just make your MITM box the default gateway? Have the router give out the IP of that box for the gateway and boom, everyone is sending all traffic right through your machine. This is just for practice right? You're not setting this up trying to lure people into it are you?

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software