Forum Thread: I Was Playing with Armitage and I've Done This to My Router:

I Was Playing with Armitage and I've Done This to My Router:

how can I use that session ?

5 Responses

I can't do it any more. Must find out how that was possible.

you exploited your router? this seems interesting, because if it was possible over LAN, it is also most likely possible over WAN (internet)

-Phoenix750

This is strange, because I was getting TONS of weird local traffic yesterday as well, specifically from my own router.

Example:
{ Source --> Destination }

  • 192.168.x.1:47148 --> 239.255.255.250:1900 {UDP}
  • 192.168.x.1 --> 224.0.0.1 {IGMP}

All of the communication was local, yet it was resolving to:

car.clubdeoro.com
^^^

That address is what my dns was resolving to...but I had been messing around with a "free" public wifi earlier that day and was using some tunneling/MAC cloning/Spoofing IPs, and it appeard the traffic was originating from one of my virtual adapters.

I finally just flushed my dnscache in windows and I haven't seen the problem since...

  • I wonder what/why was trying to do some weird {multi/broad}casting stuff (I guess?) Maybe the adapter never came out of monitor mode or something, idk.

Share Your Thoughts

  • Hot
  • Active