Forum Thread: Gateway Hacking

If you hacked some cisco devices within their lan, then you are already inside the LAN and behind the firewall why would you need the gateway?? it is more interesting i guess to find the servers. Sorry, i know my answer isn't of any help to your problem

the problem is that i have very very short time, just 15 min average/day, so i hack whatever i see!!

the network has 100+ devices!!

maybe find the WAN ip adress. Then nmap that. sorry for bad grammer.

i have the external ip, i will try to hack it later, but i don't think even i hacked it, i will get full access to the network such like if i was in LAN! also, that ip has no login page (i can't access it in browser!) i can share the ip if u want

any reason you haven't scanned all ports?
-p 1-65255

because it consumes time, and i don't have that time!!

ok, i did that scan but on the wan ip, from my pc, not in the lan, i used this command: nmap -p 1-65535 -T4 -A -v -Pn <IP> , the host was down when i didn't use -Pn, that means it's behind a firewall or something like that!

The result is that all 65535 are filtered, so... also "Too many fingerprints match this host to give specific OS details" ! what to do ?!?!

if you are in the LAN ,scan the subnet
nmap -sV 192.168.1.0/24

i know what that does, but how that help in my case (question) ?

Today I found another subnet (192.168.001.x), the network boot manager (which windows can be installed from it in lan), it has the ip of 192.168.001.222, I nmap'ed it, it seems to be windows 7 or abover, it has many ports and services, one of them is 3306/mysql, I did "nmap -sV -p 3306 <ip>" it uses mysql 5.5.28 version, I searched for vulnerablities for it, there are some in the cve, but I'm not any good with advanced vulnerabilities/exploits, so I will just give it a try tomorrow! I appreciate any help.