Spying on a router/modem

>brute force a wifi password, guess it, just ask for it
>get the router's IP address with CMD /ipconfig (is there a better way of doing this?)
>name of the device is the model number of the router
>lookup the model's default password
>"admin:admin"

so now how do I spy on the internet traffic?
is there anything else interesting I can do?
can I brick a Modem/router?
yes I learned from google.

Look into ARP spoofing, jamal. It'll make all our friends think you're hot shit.

This, also SSL strip and Wireshark.

First off you're quite lucky to even get the wifi password. WPA2 without WPS is very hard to crack so you cleared the biggest hurdle.
But why do you want to brick the modem/router? I know that breaking into a closed system gives you a rush and you feel in control as a skid but remember that this is valuable hardware.
If you want to play around you could capture packets with wireshark but most traffic should be encrypted.
Also you will be banned soon so enjoy your time you have left

Most people tend to leave WPS on, since they have no clue what they're doing.

>monitor network with your tool of choice
>intercept authentication handshake
>run it through a dictionary
>get punished when daddy finds out

thanks guys
I got wireshark a while ago but I'm still figuring it out

well Sup Forums might only be used to using the keyboard to get things done, but I just rock up
"my phone broke can I use your modem", "Im the internet technician ma'am" etc.

also in many places WPA is still very much a thing, and WPS is often enabled by default. Often WPS isn't even secured with a lockout

and bricking a modem is how you get your own hard wired bugs in, see "I'm the internet technician"

most people are dumb with computers, but a lot are also dumb IRL

people set their pins as "12345678" or "55555555" (looking at you china)

Social engineering is a great skill to have, user, good luck.

It's just lame to use social engineering, because you didn't crack anything. Sure you got the password, but what are you going to do now? Sniff the boring packets of a family network?
The only ""fun"" things left to do are mitm shenanigans or a denial of service, there is nothing left to break in (that's usually the most exciting part of pentesting).

Do a nmap scan of the whole network and check if they have an open port with outdated software, like an old ftp, ssh, smb, mysql, etc. protocol. Then check an exploit database and if you find something useful (unlikely considering your level of skill) rev up metasploit and get a reverse shell running.

op here
would someone hold my hand and tell me the best ARP spoofing and packet sniffing programs that run on windows

I'm going to make the jump to linux as soon as I get my own PC, but public computers in third world run on windows.

>sniff boring family networks
if their daughters are hot, but use some imagination.
Commercial networks often run on consumer hardware/software, I could MIM a printer in the local law office.
The police networks I imagine are really secure, but the connection in their off-site court offices might not have thought to protect their wireless printers.

even if I only mass boot or DDOS I could temporarily get high speed wifi in a hotel or open public network

*frantic googling of new terms*
I don't know shit, as I am not a retard I can follow instructions
complex is fine, as long as I have a manual

also, can't I packet sniff just by being connected to the network, or does this only yield encrypted data

>can I brick a Modem/router?
update it not compatible firmware

you need a MITM traffic sniffer.
I remember changing people's steam usernames as a kid using Droidsheep on my Galaxy S2
Those were different times...

>DDOS
oh boy

This is the most skiddie shit I've heard in awhile

>steam
>kid
>galaxy s2
(You)

???
that phone released 6 years ago, user
i still count being 12 as being a kid cuz 13 is the first number with the "Teen" in it.

Steam released in 2003
Galaxy S2 released in 2011
People who were born the same year Steam released are posting here and in 6 or so years people who were born when Galaxy S2 released will be posting here as well
time to move on, gramps

That doesn't mean you should talk about it. If I was that age, I'd be embarrassed as hell to say "as a kid" and "galaxy s2" (or any smartphone for that matter) in the same sentence.

Ettercap is a good all-in-one ARP spoofing / packet sniffing tool.

This will do a basic arp poisoning attack, writing the results to dump.pcap, and automatically adding new users.
sudo ettercap -Tq -w dump.pcap -P autoadd --nosslmitm -M arp:remote //192.168.1.1/ ////
Remove "-nosslmitm" and it will mitm ssl traffic. This is very obvious to users, though, unless they're the type of computer illiterate who would click the "you're computer has a virus click here to fix" advertisement on their favourite porn website.
You can dissect the dump with wireshark on your windows machine.
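
Seen from the defending side, the ARP poisoning described in the post above shows up in each victim's neighbour table: the gateway's IP starts resolving to another host's MAC. The following is an added example, not part of the thread, that parses `arp -a` or `ip neigh` text and flags that condition; the two sample tables, the addresses and the pinned gateway MAC are constructed for illustration.

```python
import re
from collections import defaultdict

# One IPv4 address followed by a MAC on the same line. Covers `ip neigh`,
# Linux/macOS `arp -a` (macOS drops leading zeros) and Windows `arp -a`.
ENTRY = re.compile(
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\D.*?"
    r"(?P<mac>[0-9a-fA-F]{1,2}(?:[:-][0-9a-fA-F]{1,2}){5})"
)

def parse_neighbours(text):
    """Return {ip: mac} with MACs normalised to aa:bb:cc:dd:ee:ff."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue  # headers, FAILED/incomplete entries, IPv6 lines
        mac = ":".join(p.zfill(2) for p in re.split("[:-]", m["mac"].lower()))
        if int(mac[:2], 16) & 1:
            continue  # broadcast/multicast MACs are shared by design
        table[m["ip"]] = mac
    return table

def find_poisoning(text, gateway_ip, pinned_gateway_mac=None):
    """Return (severity, reason) findings for one table snapshot.

    pinned_gateway_mac is the router's real MAC in colon form, recorded
    while the network was known to be clean (an assumption of this example).
    """
    table = parse_neighbours(text)
    findings = []
    seen = table.get(gateway_ip)
    if pinned_gateway_mac and seen and seen != pinned_gateway_mac.lower():
        findings.append(("high", f"gateway {gateway_ip} is at {seen}, "
                                 f"expected {pinned_gateway_mac.lower()}"))
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            # Multi-homed hosts and proxy ARP also produce duplicates, so
            # only a clash that involves the gateway is rated high.
            sev = "high" if gateway_ip in ips else "low"
            findings.append((sev, f"{mac} answers for {', '.join(sorted(ips))}"))
    return findings

# Constructed sample: Windows `arp -a` on a host whose cache is poisoned.
POISONED = """\
Interface: 192.168.1.50 --- 0x4
  Internet Address      Physical Address      Type
  192.168.1.1           02-00-5e-10-20-66     dynamic
  192.168.1.66          02-00-5e-10-20-66     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  255.255.255.255       ff-ff-ff-ff-ff-ff     static
"""
# Constructed sample: clean `ip neigh` output on the same LAN.
CLEAN = """\
192.168.1.1 dev wlan0 lladdr 02:00:5e:aa:bb:01 REACHABLE
192.168.1.66 dev wlan0 lladdr 02:00:5e:10:20:66 STALE
192.168.1.7 dev wlan0  FAILED
"""

if __name__ == "__main__":
    for name, snap in (("poisoned", POISONED), ("clean", CLEAN)):
        print(name, find_poisoning(snap, "192.168.1.1", "02:00:5e:aa:bb:01"))
```

A static ARP entry for the gateway on clients, or dynamic ARP inspection on a managed switch, prevents the cache change that this check only detects.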

>That doesn't mean you should talk about it.
why the fuck not? There's nothing wrong with being young. If you're embarrassed by your age then you've got problems, i don't. And i'm pretty sure while being 19 i'm still on the older side on Sup Forums. Most people here are much younger, especially on the "core" boards like Sup Forums, Sup Forums, Sup Forums, Sup Forums, Sup Forums, i know this because i have been posting on Sup Forums since i was 14 and i'm certainly not the only one, there's a lot of underage people on this board in particular. I grew up around the time dial-up modems were dying and my first console was an N64 knock-off.
Sue me.

I should mention that ettercap is Linux only. You'll need to set up something running Linux if you want to get anywhere.

It's sorta like "autism pride" or "gay pride". Sure you can take no shame in it, but you're still being laughed at, if not having your entire opinion discarded.

there are still a lot of things I don't understand conceptually here

When I sniff packets from the router/modem without any special privileges, everything I get is encrypted; maybe I get a few URLs.
and these are only the packets sent from the modem/router right, not the packets the target is sending

So to actually get readable data, how do I go about it?
A. get the router PIN and access it
B. perform a MIM attack
C. perform a SSL strip

>but you're still being laughed at
not really, you do realize most of the time age doesn't even come up on Sup Forums? And most "laughed at" kinda posts are made by people younger than me and are the most basic and generic shitpost you can make? It's on the same level as ">>>/reddit/"

>if not having your entire opinion discarded
as if saying "opinion discarded" on Sup Forums isn't just an easy way of reflecting an argument by using an ad hominem attack, it's classic
For someone who takes so much pride in their old age you sure as hell are delusional.

>It's sorta like "autism pride" or "gay pride"
oh wait well that explains it, you're just a manchild.
Literally nobody irl (or in 99% of the internet) would laugh at or call out or even react in any negative way towards gay pride or autism pride. In my uni (and at work) most people signed the petition for gender-neutral bathrooms and those who haven't just don't care, people know it's ultimately a good thing for everyone. Only some southern americans or third-worlders or old people hate young people or gay people or just hate people based on some metric like that at all, but thankfully, all those groups will die off soon anyway, if not of old age and poor health, then by hands of anti-fascists.

Can't stand not shitting on minorities every second of your pathetic life? There's a containment board specifically for your kind

Sup Forums is the funnest board on the site hence why it's so big.
debunk me.

Please don't ruin this thread with your terminal downs syndrome.

>STOP HAVING FUN IN MY SHITTY LOW QUALITY DRY THREAD
nah

tl;dr.
You're still a dumb fetus lol.

>""""""""""""""""anti-fascists""""""""""""""""
get fucked

The router only slightly modifies traffic as it passes through, the actual data itself remains the same. If you want it decrypted you need to perform an SSL stripping MITM. This is very easily detectable with modern security standards though, so you're relying on the user clicking the "connect anyway" button despite all the warning they will inevitably be given.

Why dont you go to a thread you'll like more then? Nobody would miss you.

>the underage is a communist libtard shitter
Color me surprised.

Thanks, this thread is great ammo for when I want to prove that every contrarian neogaffer on this site is literally a child.

you don't get to dictate when and where I have fun, sir buzzkill butler of the gaylord fag mansion.

it's not "funniest" but it's the "Meme-est" if that makes sense. People know about "pepe the internet frog" and most normalfags think of him as that Sup Forums meme so to get more of it they go the board that it's currently most associated with.
There's nothing wrong with Sup Forums existing, but it's pretty annoying when real idiots join a place where others pretend to be idiots thinking they fit in, especially on such a scale that most of Sup Forums just got replaced by the huge newfag influx first started by gamergate and then by drumpfer. Most people wanting to discuss politics left to other *chans or to /news/ but the meme population stayed and grew on Sup Forums
Then there's the part of it that real extremists use as sort of a recruitment device, white straight working class 9gag-browsing males feel threatened by liberals, so they adopt alternative ideologies and Sup Forums makes sure to go out of its way to promote itself as the "fuck the system" ideology, scapegoating muslims and minorities for all the bad in the world while being scapegoated themselves as white people by alt-leftists or whatever you even call them now. It's one big mess and Sup Forums is a centrifuge of piss of every type and color. Very fitting for Sup Forums.
Not much to debunk, desu

So I use an ARP poison to facilitate a MIM attack, then from that point I SSL strip (which I hear is a relatively straightforward matter)

...but even if I do all that then the target will easily detect their connection is insecure and will get a huge warning on their browser?
and having access to the router isn't going to help me here is it

seems like having the router is really only good for jamming traffic, is there anything I can actually achieve from getting a router PIN other than forcing some random person to call tech support?

fun not funny
neo Sup Forums is fucking boring as shit and full of unironic communists
I miss old Sup Forums

you autists are shitting up my thread, but check this out anyway

OP you need to read about how networking and network security works. Doing a Google search on how to use X tool will get you so far, but you'll likely get stuck when you run into trouble.

Knowing how switches, routers, wireless access points work is a good start. Depending on the type of network you might not even receive anything until you configure the device to forward it to you.

Read up on cryptography. More than likely you'll receive encrypted traffic that you'll need to decrypt. Different algorithms are easier to figure out (generally used by older software or software that hasn't been updated)

Wireshark works fine on Windows. There are also plenty of tools (e.g. nmap/Zenmap) that are on Linux that have a working Windows equivalent.

See if they have any shitty unprotected devices on their network. The router software might help you there, or else you can use nmap.
Most people should have at least something fun with a default password.

Looks like Sup Forums police is here
>underage
literally not, the only underage here is you, Sup Forumsack
>Sup Forums calling anyone who disagrees with their opinions a communist
oh the irony
> libtard shitter
>respecting people and campaigning for equality and peace is somehow a bad thing
>wanting to live and let live is somehow a bad thing
??? Hating these things literally makes no sense.
>get fucked
no, you will, by my anti-fascist friends:^)
if the system fails to correct itself. progress will be made either way, your only choice is whether it will be made through violence or through peace. My grandpa killed fascists and nazis left and right, he's got a whole box of medals just for killing nazis, he killed them with a knife and with a gun and his friends also killed nazis. If push comes to shove, we'll defend our ideals and way of life once again and let the future generation have another shot at a peaceful world.
You're all as good as dead along with your ideology. Not that i care, i don't live in a third world country like 99% of the USA.
>ammo
what are you fucking 12? holy shit internet is such serious business for you isn't it? Are you gonna run for presidency using your """"""ammo""""""" consisting of shitposts made by some normie on a mongolian basket weaving forum? Holy shit the stupidity of Sup Forums never ceases to amaze me.
>neogaffer
but most of Sup Forums is just the same except they shill for different devs/companies, it's nintendoga/v/ for a reason. Why you're bringing this up on Sup Forums though is a mystery. Most people here post peecee gaming tips 24/7 for fuck's sake instead of discussing anything remotely interesting. It's almost worse.
>a child
>contrarian
and that's how i can tell you're the child here. G'day.

Sup Forums the post

well shit i'm sorry, i had no idea i was supposed to somehow think "funnest" is "fun" and not "funniest", next time you fail at grammar at least try to get close enough that people can tell what you're saying, Sup Forumsack.
>unironic communists
but most of Sup Forums was always commie, well at least if by "communists" you mean people slightly leaning towards socialism because that's what Sup Forums is full of and never was lacking in those people, it was very anti-monopoly and anti-corporations, including shit like net neutrality and etc, not to mention most of Sup Forums was far-left liberals, i mean the very concept of being able to talk shit about anything and fap to lolis while at it is very much extremely liberal.
lolz, wasn't there a group "Public Enemy"? Eminem also had a song literally called "Public Enemy #1"
oy vey

...

I think the question that needs to be asked is what the fuck are you trying to accomplish? If you're looking to steal information, then Phishing is going to be way more effective than trying to MitM encrypted traffic.

Guess I really hit the nail on the head with the gay autism thing, huh?

>banned for hacking
this isn't reddit, cuck

I have no idea what I'm trying to accomplish; I just realized I can break into routers with reasonable reliability.

any ideas?

I've give you a gun kid, just like elders did back in the day for me. Instead of using ssl strip, have the router redirect the user to a phishing page when they try and access a site. So for instance router sees Facebook.com, it feeds your Facebook.com that logs their creds. Look into dns attacks. Recon-no I think can clone a site but you should learn to program it manually.

install ad nauseaem on every computer

If the firmware is open source you could rebuild it to make it completely broken, e.g. delete wifi kernel modules. It becomes practically unusable but will still be accepted as valid firmware, and even a factory reset wouldn't fix it. The only way then would be tftp, built-in recovery mode (usually waiting for a special packet in wireshark), usb tty or serial tty, but all of this is likely too advanced for an average home user.

As for mitm and such, there's a bunch of shit online so don't ask us.

I could see that working, but I would have to know specifically which login credentials I was after.
It would only work for the most common sites unless I could somehow re-direct them to a static version of whichever page and somehow inject code to make the input/login field usable in real time

Nobody has nudes in private FB albums, or any valuable information that I am aware of
Best thing I could do was try to spread malicious links or spam briefly before facebook took you down.

Maybe you could use multiple accounts to trick FB verification system

maybe try to phish and blackmail someone on their friends list, it would work if you got a reasonably attractive woman's FB (or any woman's)

not really worth the time unless I had a known target, stole their mail to work out their bank account and phished from there; I'd rather just redirect them to meatspin

Better yet you could disable the ethernet and change the default password (usually it's generated so just tweak the algorithm), so the wifi network would still show and they'd be locked out.

No, your average user doesn't use WPS, and 99% of ISP routers have it off by default

From personal experience I can tell you that this is false. I've cracked far too many WPS networks to think that the users actually enabled it themselves.

locking people out would just be a minor nuisance, they would just reset the modem to factory default with the physical switch

yes from there I could use the default password to get back in, but what would be the point if I didn't achieve anything the first time I got in

I actually find many have it enabled, but I guess it depends where in the world you are and how old the hardware is.
Strangely it's also common for the "disable WPS" setting not to work

This. Nmap, Metasploit & Armitage are very strong. As well as maltego teeth is worth knowing.

>99%
People that throw random numbers to try enforcing a point they know nothing about are plain retarded. Look for any router model that supports WPS and more often than not you'll find it's enabled by default.

>hurrr durrr I'm a fucking retard that doesn't read full replies
Like I said: rebuild the firmware and even a factory reset will reset it to the newest firmware. So obviously it's your custom built firmware. People this stupid are ruining Sup Forums

>out of the 8 networks in my area, 50% of them have WPS enabled by default
Actually it should be 5/8 since I disabled mine.

Use the same commands for your own areas. It's definitely not 99%. Saying it is just makes you look retarded

>scapegoating muslims and minorities for all the bad

Spoken like someone who doesn't know shit. Jews are responsible for all the bad in the world. Muslims are responsible for all the terrorist attacks in the world, blacks are responsible for all the rape and crime in the U.S. and Western Europe and illegal Mexicans are responsible for the decreased wages of labor jobs as well as the flow of drugs from South America into North America.

66.87.72.116
66.87.145.114

Send everything through your VPN and read the logs

sure thing Sup Forums, whatever you say, just don't forget to take your medication today

I'm sure you think no one is responsible for anything bad that happens.