Sign in to follow this  
Followers 0
Kinslayer

Look at what going through my router?

5 posts in this topic

Ok, so I live in an apartment and have a wireless router for my internet. I gave the password to access the internet of my wireless router to my neighbor so they could get the internet. I now would love to sniff my own router, and to log what information passes through. See what they're passing through my router. How would I go about doing this? I am new to hacking, and my brain is still kind of stuck in 1994 and windows 3.1 Help :)

-Kinslayer

0

Share this post


Link to post
Share on other sites

If you're using a WiFi card that supports promiscuous mode and the Wlan is using wep just fire-up wireshark. Otherwise, you'll need to use ARP poisoning with a tool like Cain & Abel. The biggest drawback with the latter is that most host-based av/firewall suites now detect and prevent APR (Arp Poison Routing).

0

Share this post


Link to post
Share on other sites

As tekio said you can either use a packet capture tool (such as wireshark) or do some kind of traffic redirection (arp poisoning). Backtrack is a linux live cd which will allow you to do either. Id say that arp poisoning would be more reliable and would also give you the option of playing with the traffic :tongue: but it is more detectable.

A third option would be to place a computer between the wireless router and the Internet connection. Depending on the type of connection you have and the type of hardware you have lying around something could be hacked together pretty quickly.

0

Share this post


Link to post
Share on other sites

My first thought would be to replace router with linksys wrt54g, reflash with openwrt, ssh in and run tcpdump from commandline with filters defined to only show your neighbors packets, but that would involve a steep learning curve in places, but for some thats part of the journey.

Another option to expand on phr34kc0der, would be to add a access point off router via a unmanaged hub and disable the routers inbuilt wifi access, get neighbor to connect to the AP and watch all his traffic come down the wire on another port on the hub with tcpdump/wireshark et all on a ethernet connected machine running backtrack. This option just involves buying stuff rather than learning Im afraid. Or if you have a machine with two ethernet ports , make it act as the hub directly sitting in the middle of it all.

It'd be like a mini legal intercept setup :laugh:

0

Share this post


Link to post
Share on other sites

I would agree with tekio and phr34kc0der that Wireshark is the way to go for short term traffic analysis. If you found your way to this site, then you will quickly find a packet analyzer is a staple in your arsenal of go-to tools. Depending on what you are trying to discover, you may want to set filters to make the capture file manageable. If you are looking for something more long term, set up a proxy and enforce the traffic so it must go through the proxy. This will give you a more holistic view of what URLs and junk that are passing through.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0