Hi, first, I want to say sorry to TRT that I wrote vulgar words to him in my previous post (it is removed now). Now the question: If anyone can help ... I am on Wi-Fi with my Kali Linux, I am trying to get backdoor .exe file to target PC... can somebody find me using my LOCAL IP ? I mean there are 20 connected users and if can somebody find me physically. It might be wrong question, sorry for that.
Thanks for every answer.
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
14
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
Forum Thread:
Hacking with Ip Only Part [1] { by : Mohamed Ahmed }
5
Replies
Forum Thread:
Problem with Airmon-Ng and VM
3
Replies
How To:
Dox Anyone
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Spy on Traffic from a Smartphone with Wireshark
How To:
Find Passwords in Exposed Log Files with Google Dorks
Steganography:
How to Hide Secret Data Inside an Image or Audio File in Seconds
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How To:
Use Metasploit's Timestomp to Modify File Attributes & Avoid Detection
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Make Your Own Bad USB
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How To:
Get Root with Metasploit's Local Exploit Suggester
How To:
Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
How To:
Target Bluetooth Devices with Bettercap
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
24 Responses
yes
Can you explain how please ? ( short explaination is enough)
Thanks in advance.
Are there another ways than the mac address ?
My thought: if someone want to do that triangulation, does he need to have three AP's ? I've read something about it and they described something about 3 points and user in the middle. Link: http://stackoverflow.com/questions/16485370/wifi-position-triangulation
Yes, they needs at least 3, hence the name triangulation (triangle have 3 points)
Cheers,
Washu
Yes, using WiFi triangulation but it would be rather difficult, but it is definitely possible.
Cheers,
Washu
Thanks, Washu, you said it's difficult, can someone do it in about 5 - 10 minutes?
The issue isn't time, it can be done under 5 mins, maybe even under 3 mins. The problem is that they need 3 different WiFi devices specifically made to triangulate and they must be all set up and ready to go when they start. I wouldn't worry about it to much since unless they are very security conscious with a very fast deploy team then you should be able to pull it off.
Cheers,
Washu
Washu:
So without 3 AP's they can't find my physical location ?
Well they're not necessarily AP, they just need to be WiFi adapters (since you the adapters don't have to be broadcasting anything you won't be able to know if they are being used or not). Theoretically speaking, and I'm just thinking of this now, using only one the could see if the signal is getting strong or weaker and eventually find you this way but this would be more tedious and pretty rudimentary.
Cheers,
Washu
Yeah, but I'll see that if there will be a man with notebook running around the area and looking for me. Then I'll disconnect and leave. Thanks for your answers, I appreciate it.
You must write down your local IP in the payload, you know, for it to know it must connect back to you. The only problem is that people can still physically run.
You misunderstood. I know how to make backdoor, I just needed to know if can some admin of network physically find me using local IP...
Because of the fact that "you must write down your local IP", if they have the payload they have you.
Is it clearer now? You seriously didn't even try to think on my sentence.
I think OP is trying to find out whether or not one someone has his local ip can they physically track him down. He's not worried about them finding the local ip, only finding him using the local ip.
Cheers,
Washu
Sorry, I didn't get it. Now I understand. I am not native english speaker
No problem, me neither. Also: routers usually log MAC addresses linked to given IPs. It is possible that they can find the MAC address. Still if they find out someone has been hacked and stop the ones connected from running away, you are going to be busted, one way or another.
Thanks!
If the admin knows your local IP and the device it belongs to then, customarily, they would find you as they know where the machine is located (assuming it's a stationary establishment). If you are on LAN rather than Wireless LAN (WLAN), then the admin definitely knows where you are (again, assuming that he knows where the Ethernet cable is located).
However, if you are using Wi-Fi and a portable device then, since you could be connected from anywhere, it is close to impossible for the admin to find you. I say almost because if it is a network (as you said), then it most likely has multiple Wi-Fi routers and repeaters. The admin would be able to see which one you are connected to and go to that area. It narrows the search down significantly.
Furthermore, if we go deeper into this, then we could say that the admin can analyse the router to which you are connected and, by signal strength, they can then work out the radius (i.e. distance between you and the router). All the admin would have to do now is position themselves at that distance and circle the router. Eventually they may find you...
Only problem is, you already left :D
Plot twist: you are the admin.
TRT
What do you mean "you are the admin" ?
//EDIT:
oh, "twist" , now I get it, sorry.
And yes, it is a network, but I think there is just one router and nothing else. And can I DDoS an client of a network? Because I've used Google and I found only how to DDoS entire network (I want to get user out of the network (admin) without accessing router).
You can execute a Denial of Service (DoS) attack against practically any device. You just need to know the target IP address and send packets to it.
If it is a device on your local network, it will be much easier to 'bring them down' because there is higher throughput, and so more of your packets get delivered in a shorter timeframe.
This could be the case over WAN, but the connection between you and the target would have to go through as least hops as possible in order to achieve (close to) the same throughput as over LAN (or WLAN).
So for your task, nmap can conduct a DoS attack, hping3 can as well, and then there are all these tools that were posted by OTW.
TRT
You could also do a deauth attack.
Cheers,
Washu
I did deauth, but it worked only on entire network for me.
Share Your Thoughts