I'm on this LAN network in my dorm and some people onviously think they can hook a router up there and run an AP. This results in a peak in my latency (goes from 13ms to up to 1k ms).
How can I efficiently disturb that? Somehow DDoS their router or something over LAN or WLAN
Atm I'm deauthing all connected clients from the AP, wich seems to work but adding all BSSIDs is painfull. Is there a better way?
Talk to the people in charge of the school network, stuff like that disrupts networks pretty often and they will be looking around for where the interruption is coming from, tip them off and I'm sure it'll go away soon.
>>53381281
been there, done that. There is even a note pinned up at each floor that the usage of routers etc is forbidden.
BAWW MUH NETWORK MUH PEAKS
>>53381176
Find the router's wireless signal
Find its MAC
Set up your own router with a more powerful signal spoofing its MAC, SSID, etc.
Redirect all of its traffic through your shit
Slowly and meticulously pwn each and every one of them however you like.
>>53381605
Got the signal
Got the MAC and SSID
Can't set up a router/laptop with a stronger signal.
How would I go about setting up that AP? I mean I would have to start an AP without an encryption but if they want to connect to it with their default password wouldn't they fail to connect?
>>53381819
If you've got all that you probably used ettercap or something right? So if you monitored it long enough, you'd probably have a complete handshake set somewhere in your capture log.
You can then run that through some script-based, GPU-acclerated cracker to crack the password quickly using a dictionary attack (ideally) - there are lots of how-tos for this part on places as obvious as lifehacker. Once you get their password, of course you can do even more malicious things to THEIR router, but never mind that, we are focusing on phishing the shit out of the clients.
Anyway, you pwn the password, set up your better router (to be stronger it just has to be closer to the client, usually) - use their password on your router and there won't be a problem with them connecting.
A simpler method would be to use some kind of router distro that allows any password to connect, but I'm not sure if that exists. I'd be willing to bet it does, or can easily be made to exist.
>>53381937
I'm currently not monitoring, just deauthing with airreplay-ng and thus not collecting handshakes atm. I'll fire up some monitoring and try to crack it with a dictionary attack
>>53382010
since you're already deauthing like a mofo, you're likely to capture a lot of complete handshakes. Good luck.
also, just a side note - if you can find the signal, how can you not slowly wardrive and triangulate the exact location of the router based on signal strength analysis and triangulation?
I'd think you'd have it down to the offending dorm room in just a few days at most.
>>53382043
got some already
>>53382069
I just get the signal on my laptop wich has a quite good antenna. This would result in running around with my laptop and looking kinda stupid (8 floors here).
Plug into it with ethernet and try the default admin password.
If you can, just set change the operating channel and be done with it.
>>53382282
I do not have physical acces to it.
>>53381176
Report the offending MAC to the network admin. From there they can physically locate the device or just blacklist the MAC.
Attack is running....
>>53382686
>windows
bruh...
>>53381176
>Old microwave
>Satellite dish
>>53383494
did everything on mint on my laptop. The cracking work will be done on my gaming rig wich is windows tough.
switched to hashcat btw. 150 kH/s
>>53381937
Thats pretty useless you want the seconden AP with no password but the rest the same as first one.
Well this was easier than I expected. Got the key and it's working. What should I do now?
>>53384138
Ask them do shut it down
>>53384138
Delete System32
>>53384138
update the router firmware with an incompatible type/brand/model. brick the fuck out of it.
>>53384138
switch dns so everything points to goatse
>>53381176
Just keep deauthing the fags. Eventually they'll give the shit up.
>>53384197
However I DO NOT have acces to the router interface and default passwords do not work.
UPDATE: I identyfied the name of the owner (yeah, he named his pc with First+Lastname...)
>>53384233
Make a fake FBI page saying their network is being monitored for scary reasons and redirect all traffic to it.
>>53381176
>1k ms
duhhh how does units works
How would someone go about redirecting to an other website or something? ARP poisoning?
>>53383607
carry on then...
>>53384138
ettercap > arp poisoning > dns spoof all traffic to a very convincing looking FBI/CIA/NSA page stating that they're to expect the black vans because of terrorist activities emanating from the network.
... or just use it to replace every image with shemale fisting and extreme anal insertion pics.
>>53384138
all out nuclear war
>>53382686
if it's using WPA2, you're wasting your time
>>53384788
>this
>>53384850
I got the key already!!!
>>53381176
If you ever retrieve a password hash, I can try to crack it for you.
Just pass it to me, and I'll answer the mail when I have cracked it. Uncracked passwords never get a response.
[email protected]
>>53384946
...
lurk moar
>>53384861
>>53384788 <--- me again...
You could also use Armitage's "Hail Mary" attack against everything on that network. If you're able to get a meterpreter session out of it, use it to find pics of that person and create an FBI/CIA/NSA page with their pic.
also... you can do other evil shit to their machines from it... but that's up to you.
>>53384992
ill just stick with redirecting to somewhere now
>>53385007
redirecting google and facebook to https://i.4cdn.org/gif/1457194792509.webm
>>53384850
You can still do it.
>>53385033
no wait i just cant redirect to IP
>>53385051
god damnit guys
>>53385033
Fucking kek
>>53385007
I've always been fond of redirecting everything to shemale porn sites. find one, nslookup on the address to get its IP addy, try getting to the site via IP address in a browser, if it works then use it for dns redirection.
>>53385071
Hey what hardware you running on that hashcat? Haven't been able to set up mine, drivers and stuff
>>53385165
r9 280x win7
IM AN IDIOT! HOW DO I REDIRECT THE TRAFFIC?!
>>53381176
iktfw
except you have to log in to the server over RADIUS which limits your connection speed but theres a catch that if you are connected to something and log out the connection stays and the limit is gone (obviously you cant browse during it, just torrent/stream, p2p etc.) but faggots abuse it for VPN's to get faster internet which just hogs up the entire connection.
God i hate dorms.
>>53385276
>IM AN IDIOT! HOW DO I REDIRECT THE TRAFFIC?!
First get their traffic flowing towards your MAC, then iptables with -j MASQUERADE
>>53385276
Ettercap > create etter.dns file with appropriate entry/entries > target the whole network > MITM/arp poisoning attack > turn on dns spoof plugin > profit???
You might also want to have urlsnarf and driftnet running off to the side to watch it all going down.
>>53385423
idk why but it's not working.
anyway i gotta go to sleep
>>53385775
Google is your friend here, there's plenty of tutorials out there for this sort of thing.
>>53381176
>Getting retards
>off my network
guess they aren't the retards after all
>>53386238
>joining a thread an hour after op leaves just to be a faggot
Good Show.
http://www.ex-parrot.com/pete/upside-down-ternet.html
>>53381531
Suggest the school switch to using 801.x
If you setup a script on an rpi you can have it scan for new SSIDs and continuously boot people off.
>>53381937
Could get on the network and do a flawed firmware update to brick their router.
WIFIKILL APP
>>53381819
mfw skiddies first adventure ends up with a visit from the FCC
>>53381559
1000ms is nothing to sneeze at
