Hey guys, I am new to this whole stuff. Been reading some guides and tutorials and I think I'm getting the hang of it. Thing is, I am trying to hack into a neighbor's PC (I have his permission). All of the reconnaissance and exploiting tools I see already assume you have your victim's IP address, which I do not have. The most I've been able to get is his MAC address by sniffing the traffic with airodump-ng. Is there any way to get the victim's IP with the MAC address or by network sniffing? (Wireshark doesn't show any ARP traffic, and thus doesn't show any IPs).

I have thought of creating an evil twin and then using something like Ettercap to find the IP. Any recommendations/tips? Thanks in advance.

Sorry mate. You can only get the IP if you have connected to the AP. It won't give you the IP cause that would basically render the whole WPA2 security useless. WPA2 is to prevent unauthorised access to private information, and the IP is the most crucial one you don't want people to get their hands on cause you can scan it for vulnerabilities and do the best attack for the vulnerability/ies you found.

What you can do tho, is maybe send him a shortened link to your test subject. There are IP logger websites online for free, where you paste the URL you want him to go, then the website gives you a shortened one, then you can use google link shortener to shorten the IP logger URL you just made so it looks a lil less conspicuous. You can try grabify which gives you different URL options, including the google shortened link already made for you. And also hope the test subject is 'ignorant' enough to click it. This is another method of reconnaissance. You gotta be creative when it comes to hacking.

Then after the IP gets logged, you can scan the IP for open ports.

Hope this helps.

P.S. - Don't contact the other person who commented on your post before me. Trust no one, not even yourself.

Thanks for your response. (I won't contact that dude, it's suspicious AF, thanks for the warning though). I don't think the target will click on any link, he is quite smart and tech-savvy. Here's what I'm thinking,

I had thought of deauthenticating his network, then once he attempts to reconnect get the MAC address of his PC and start ARPing with aireplay to get a response and hopefully capture his IP. If that doesn't work, spoof his MAC and make an evil twin to try to get him to connect to my AP and then get his IP.

OR just hack his network's password using aircrack and once I am in hopefully there's a tool to scan the network for the other IPs.

Let me know what you think about it!

I made a reply to your comment but it didn't go thru and it's too much to type over again. So I'll just make it shorter with important key points.

Those strategies you mentioned won't work. Your modem gives the device connected to it the Public IP, not the other way around. So even if he connects to your fake AP, you won't get any info from his true wifi.

You don't need to deauth him from his wifi to get his MAC address. Simply use airodump-ng and it will list WiFi APs and the devices currently connected to each one, in your range.

Next thing, using aircrack-ng is impractical cause it would take too long to crack a simple 8-digit password. Even if you'd use your GPU to help speed it up. His password would have to be super hard for you to guess, but super easy to brute-force.

You can find out if his modem has WPS enabled, and if it is opened or locked. You can use tools like reaver and many alike. Google tools similar to reaver for kali linux.

Learn to use your questioning, by developing your problem solving skills. Then use google to help give you answers.

Learn to use these 3 basic tools:
wash, reaver, wifite, etc.

These help you crack WPS enabled APs.

Hope this helps.


