Have an account?
It looks like you're new here. If you want to get involved, click one of these buttons!
Apply for Membership
Who's Online (2)
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
"Scanning Your Own Cable Modem"
the method i am about to post might be old. i did this 8 years ago or so on an ethernet network when i was using a standard cable modem
you will need a basic port scanner like nmap and a packet sniffer and perferably a tool like snmpwalk (from snmp-utils) to dump the SNMP info you will receive
with the sniffer running, turn off the modem then turn it back on (in some cases it is necessary to turn off the computer itself then boot it back up) open up your sniffer and watch for the modem syncing up and getting it's IP address from your local ISP. from there on the sniffer you will notice a private IP like "10" ,in my case, or maybe a 192. with that IP you can then feed that into NMAP and start scanning. you will usually notice the cable modem does not offer up many ports, but one that might be open is port 161 UDP (SNMP). if that is the case, simply use snmpwalk or an NSE script in NMAP that uses the SNMP protocol for extracting info and you will gleam ALOT of information! you will see a plethora of info, including possible filtering exclusions your ISP has set on the modem, and even your local ISP network environment, in some cases
in very rare cases, you might even have a chance to have RW access, and in that case---if the password can be acheived, you will be able to issue SET commands as well. if the SET commands are successful, in some cases you can actually directly alter config info from the modem, like route tables and port filtering rules. very rarely will one find he has SET command abilities, but even w/ just simple R mode, you can get a ton of info right from your cable modem
so has anyone on here actually tried this since i posted it? i assume it could also be done with a WAP also
Couldn't you just use nmap -sS 192.168.1.1/24?
Would be nice for a more in depth tutorial, with the results you got.
chronic, the IP will not always be a 192. in my case, it was a 10, and other times i would see a 24 block (the 24 block was what my ISP was using at the time). the way i understand it, you will see the IP come up in the traffic dump at bootup, and you will see the IP of the cable modem, which is an IP from the INSIDE INTERFACE of the private ISP network side. so sometimes it can be 10 (private, non-routable), and other times they will have a standard 24 or so. i mentioned this concept simply because i have not met alot of people who knew how to look for their own modem's IP to scan it. this method always worked for me
(the other thing i failed to mention, is once i found that cable modem IP/block, i scanned the range and found SEVERAL modem configurations available to me! apparently if you are behind the ISP, you can see into their private range (security mishap perhaps?)
Add a Comment