So I've just started setting up a little lab for myself, got a switch with built-in VPN & firewall, a printer & 2 computers (both with Kali Linux) & an old router with WEP encryption on a private LAN.
Some of the things I have done/am planning to do are as follows:
1. Fuzz various machines on the network with mangled frames and monitor it in wireshark.
2. Use ettercap to man-in-the-middle LAN traffic and then driftnet to sift out image & audio data being browsed from machines on the network in real-time.
3. Use p0f to intercept transmissions on various ethernet cables on the network and save the packets to a log file.
4. Infect machines on the network with a keylogger I wrote which writes keystrokes to a log file, screencaps every few seconds and sends the results to an email.
Anyone else have a pentest lab, and would like to share details of their setup and ideas?
>>55951594
> ettercap
> p0f
> wep
The fuck, nigger? Did I fall asleep and wake up in 2005?
Nice setup.
I threw together a Bro NSM from an old desktop pc for my Internet gateway.
Pretty sweet grepping through the logs and seeing what's going on.
I used a 20 dollar ethernet hub as a tap. (dsl is stuck at 8 meg anyway)
Nice productive setup you've got there, you're not fucking about. You fishing for zero days or something?
Just because you sit on a dildo at your computer doesn't make it a penetration lab.
>>55951649
I don't think anon is trying to 0day WPA2
>>55951594
my setup is your mom's pussy and my idea is pentesting her day and night
>>55951594
>not doing SSL decryption
get out
>>55951787
Huh, never heard of that network monitor. I used PRTG for a while. Thanks, I really just want to learn stuff. If I can find some vulnerabilities on some hardware/software on the network on my own it'd be great. Like, I KNOW wep is deprecated but I've never actually cracked it.
>>55951973
I actually did do that before but only on my own machine, not across a network. Thanks for the reminder though, I'll add that to the list.
>>55951649
Like I said before, I know wep is deprecated but I've never cracked it myself so I want to.
>>55951594
Let's make this thread worthwhile, discussions and bump for interest.
>>55951996
>Like, I KNOW wep is deprecated but I've never actually cracked it.
LOL, I know that feel. Cracked it first time a few months back.
Seriously, takes like about five minutes these days, barely worth the effort. It makes more sense to go for WPA hacks on wifi these days.
NB I used the pifite.py script for it (at least I think that's what it's called - it does pixie dust and all the good stuff)