Forum Thread: IPs and Networks.

Hey guys. I'm trying to understand everything about Metasploit. But there's just some things that kind of confuse me and I'm hoping you guys can solve these problems. I understand how networks and IP's work but....

  1. how could you find your "target" on a LAN or MAN? (If you know there ip)

And if there on another network, how can I identify what network they're on? I understand pivoting but I don't understand how I could identify the network there on so I may get on it as well to exploit them

  1. is it possible to exploit a smartphones vulnerabilities like you would a computer system?
  1. how could you find a smart phone's IP? Would you need to track down there router and access the vulnerabilities from there??

Thanks guys!

Get The Weekly Null Byte Newsletter

Never miss a Null Byte guide.

2 Responses

  1. On a LAN you can do an Nmap scan and see all the devices connected to the network. For WAN, if your target is a web server, you can Nmap the website name. If your target is say your friend, you will need to do some social engineering first. Example: Send them a booby trapped message that gives you their IP address when they open the link. From there you can Nmap their IP and see if they are running any vulnerable problems through an open port. Just FYI, it's difficult to hack into someones computer without them opening a malicious file. Very specific conditions must exist to hack into a computer with just an IP address.
  2. Any device has 2 ways of infection. Both involve malicious code being run but one way requires the user to open and run the code, the other is a vulnerability gets exploited to run the code. A PC is generally more vulnerable than a smartphone and social engineering is easier, but mobile OSs such as Android can and do get remote code execution vulnerabilities that may not get patched on all devices. To gain access to a smartphone you pretty much need to use social engineering to get the user to run your malicious app.
  3. If they are on a local network, you can use Nmap to find their IP. If on WAN, it's not really possible because network carriers use NAT and IP addresses can easily change depending on the tower the phone is using.

Oh Ok! I understand now, I really appreciate it! I've been looking all over for these answers but found nothing, so I appreciate the help!

Share Your Thoughts

  • Hot
  • Active