# SSID Finder?



## Seriman (Mar 29, 2010)

Hello. I'm looking for a program that can find the SSID of a non-broadcasting wireless network... I have Net Stumbler, which can find the network, but not the hidden SSID. I have tried to use Kismet, but I can't get it to work... Any suggestions for a windows-based program that can find a non-broadcasting SSID without using bruteforce?  The network in question is unencryptyed, so it has no password... The only thing I need is it's damn SSID...  Thanks!


----------



## Jashwa (Mar 29, 2010)

Stop trying to steal internet from people, that solves your problem :V


----------



## SnowFox (Mar 29, 2010)

I don't know, but you can probably do it with whax. The only time I tried to use it was a few yeas ago and I had no idea what I was doing, so I'm not much help.


----------



## Kitcat490 (Mar 29, 2010)

If your wireless card supports it, you can sniff all the networks, and, if my assumption is correct, you might catch someone authenticating and be able to obtain an ssid that way. Most cards won't work though, so this probably won't work.


----------



## Scotty1700 (Mar 29, 2010)

He's not stealing someone's internet, he's haxxing the school. It's totally legit


----------



## Fuzzy Alien (Mar 29, 2010)

It's only stealing if you get caught!


You little scamp. :3


----------



## Seriman (Mar 29, 2010)

Other students use it too. The SSID somehow leaked into the student population, so people now use it for their iPods... I, however, am not friends with anyone who knows it, and they will not tell me... :/



Fuzzy Alien said:


> It's only stealing if you get caught!
> 
> 
> You little scamp. :3


:3


----------



## Runefox (Mar 29, 2010)

Uhh... Netstumbler?

EDIT: Oh, wait. Uh... I dunno.


----------



## Scotty1700 (Mar 29, 2010)

Get on yo' knees and beg for it? Nah, just keep pestering em', one of them is bound to tell you.


----------



## Irreverent (Mar 29, 2010)

Kissmet is better on the linux platform, as are most of the better air cracking tools.  

VistaStumbler might be better than Netstumbler on some windows platforms, it supports cards that NS4 doesn't; particularly the Atheros ones found in wintel laptops.  But run either vistastumbler or netstumbler long enough and you'll find the SSID. 

But really, a hidden SSID with no other authentication sounds a little odd.  You're friends aren't telling you the full story.


----------



## Liam (Mar 29, 2010)

Irreverent said:


> Kissmet is better on the linux platform, as are most of the better air cracking tools.
> 
> VistaStumbler might be better than Netstumbler on some windows platforms, it supports cards that NS4 doesn't; particularly the Atheros ones found in wintel laptops.  But run either vistastumbler or netstumbler long enough and you'll find the SSID.
> 
> But really, a hidden SSID with no other authentication sounds a little odd.  You're friends aren't telling you the full story.


I wouldn't put it past a public school to use security by obscurity.


----------



## Irreverent (Mar 29, 2010)

Liam said:


> I wouldn't put it past a public school to use security by obscurity.



My point exactly.  If the school was offering free WiFi, they would publish the non-broadcasting SSID everywhere.  They'd have to know it is getting out.  

So its most likely that someone used an air crack tool find the key to their encryption.


----------



## Kitcat490 (Mar 29, 2010)

Liam said:


> I wouldn't put it past a public school to use security by obscurity.



You are totally correct, my school has no passwords, just hidden networks. Schools are terrible at security. Luckily they provided a guest network at my school, though 30min lease times are pathetic. So basically, most school admins are incompetent and don't know how to set up a network. Took mine 2 years to block facebook. All school networks are insecure, I'm working on the hidden networks at mine now, I'll post if I find something effective for finding the ssid.


----------



## net-cat (Mar 29, 2010)

I'd imagine that Wireshark could pull it off. Depends on your Wifi card, though.


----------



## Irreverent (Mar 30, 2010)

net-cat said:


> I'd imagine that Wireshark could pull it off. Depends on your Wifi card, though.



It will.  But you need to put the card in monitor mode and filter on associate packets.  This assumes your card supports it and that WS supports the card.  

If WS is reporting only a microsoft driver and an interface, it wont see the associate packets, even in monitor mode.  In Promiscuous mode,  WS will only sniff networks its associated to.


----------



## Seriman (Mar 30, 2010)

Irreverent said:


> But really, a hidden SSID with no other authentication sounds a little odd.  You're friends aren't telling you the full story.


It's that way... I used NS and it picked up a network, non-broadcasting, with no encryption... Weird, if you ask me... My home network has double that security...       

I'll have to try these suggestions out when I get the chance, I'm kinda busy at the moment... :/ Thanks for the help!


----------



## ToeClaws (Mar 30, 2010)

Listen long enough and you'll catch it coming from someone else logging in that knows it.

Of course... you could also go outside, read a book, talk with friends and do other more interesting things that don't require a wireless connection at school.


----------



## AshleyAshes (Mar 30, 2010)

ToeClaws said:


> Listen long enough and you'll catch it coming from someone else logging in that knows it.
> 
> Of course... you could also go outside, read a book, talk with friends and do other more interesting things that don't require a wireless connection at school.


 
Or go to the library and use the internet there. o.o

Heck I've found that some universities don't secure their WIRED networks so anyone can get internet from any of the bazillion ethernet jacks around the building while the wifi uses user specifici accounts for access.  I've done events at Carleton U and just plugged in a WRT54GL into the wall and bam.


----------



## Ricky (Mar 30, 2010)

AshleyAshes said:


> Or go to the library and use the internet there. o.o



or a coffee shop


----------



## Seriman (Mar 30, 2010)

The only reason I want to get on the net at school is because I have study hall, I rarely have homework I can do in study hall, and I want to be on FAF and such... Yeah, I could probably use an ethernet connection, but I have study hall in a lecture hall, so there is no wall close to me...


----------



## Ricky (Mar 30, 2010)

brute force.exe


----------



## Kitcat490 (Mar 30, 2010)

Will schools ever learn that without a public wifi they will always be flooded with hacking attempts? This is why I leave my home wifi open...only on a seperate ssid for the same router, fully seperated from my main network.

And I'd try a few ssids that go with the school spirit. Ex. Prospect high school, knight mascot, the admin password on the computers..."knights" schools do stupid things, try to exploit their stupidity with that type of thing.


----------



## Ricky (Mar 30, 2010)

Kitcat490 said:


> This is why I leave my home wifi open...only on a seperate ssid for the same router, fully seperated from my main network.



Right.  Impeccable logic, thar :roll:


----------



## AshleyAshes (Mar 30, 2010)

Kitcat490 said:


> Will schools ever learn that without a public wifi they will always be flooded with hacking attempts? This is why I leave my home wifi open...only on a seperate ssid for the same router, fully seperated from my main network.


 
Or you could just use WPA2 encryption, a good SSID and encryption key that isn't in any dictionary and you're pretty much safe from any would-be script kiddy.


----------



## Kitcat490 (Mar 30, 2010)

AshleyAshes said:


> Or you could just use WPA2 encryption, a good SSID and encryption key that isn't in any dictionary and you're pretty much safe from any would-be script kiddy.



Yeah, but I like sharing a bit of my bandwidth, my main network is a super secured network. I can throttle the bandwidth anyway, so I don't mind sharing some of my 8mb/s download speed. Besides, the occasional packet capture assures that if I even detect an attack on the main network, I have passwords from the attacker.


----------



## Ricky (Mar 30, 2010)

Kitcat490 said:


> Yeah, but I like sharing a bit of my bandwidth, my main network is a super secured network. I can throttle the bandwidth anyway, so I don't mind sharing some of my 8mb/s download speed. Besides, the occasional packet capture assures that if I even detect an attack on the main network, I have passwords from the attacker.



So you're not actually doing it to thwart hacking attempts like you said; now you're a philanthropist?


----------



## Irreverent (Mar 30, 2010)

Ricky said:


> So you're not actually doing it to thwart hacking attempts like you said; now you're a philanthropist?



Poor man's honeypot, I guess.


----------



## Kitcat490 (Mar 30, 2010)

Ricky said:


> So you're not actually doing it to thwart hacking attempts like you said; now you're a philanthropist?



If I didn't, my friends would hack it, not even a slight doubt about that. Besides, I let my neighbors share, they only use it once or twice a day. Philanthropists don't run packet captures on their free wifi, just thought I'd say that.


----------



## AshleyAshes (Mar 30, 2010)

Kitcat490 said:


> Yeah, but I like sharing a bit of my bandwidth, my main network is a super secured network. I can throttle the bandwidth anyway, so I don't mind sharing some of my 8mb/s download speed. Besides, the occasional packet capture assures that if I even detect an attack on the main network, I have passwords from the attacker.


 
Okay, everyone get in range of Kitcat490's house to download your child pornography and announce your plans to gun down everyone at your University.



Kitcat490 said:


> If I didn't, my friends would hack it, not even a slight doubt about that. Besides, I let my neighbors share, they only use it once or twice a day. Philanthropists don't run packet captures on their free wifi, just thought I'd say that.


 
Agian, no, properly set up WPA2 is pretty damn secure.  Your friends wouldn't just 'hack it' because the CPU demand time to get in would be massive.  Like, for a single PC, weeks probably.


----------



## Kitcat490 (Mar 31, 2010)

AshleyAshes said:


> Okay, everyone get in range of Kitcat490's house to download your child pornography and announce your plans to gun down everyone at your University.
> 
> 
> 
> Agian, no, properly set up WPA2 is pretty damn secure.  Your friends wouldn't just 'hack it' because the CPU demand time to get in would be massive.  Like, for a single PC, weeks probably.



Haha, somehow I don't think I'll find you all in my yard downloading child porn. But just in case, the router is closer to the back of the house, and there are some good bushes nearby to hide in ;3

As for processing power, my one friend has more computers than I bother to count, he could hack in pretty fast, especially with the 3 rack servers included in his 20+ computers. Besides, he'd probably just do a hard reset on my router, that would be the fastest way in.


----------



## AshleyAshes (Mar 31, 2010)

Kitcat490 said:


> Besides, he'd probably just do a hard reset on my router, that would be the fastest way in.


 
Yes, but we generally assume your would be wifi stealing neighbours arn't in your house, because if they were they're probably in the process of robbing you.

Having access to a lot of CPU power doesn't necessarily mean anything.  It needs to have access to the network it's trying to break into.  The U-Haul with the generator sitting next to it in your front lawn would be less than subtle.


----------



## Kitcat490 (Mar 31, 2010)

AshleyAshes said:


> Yes, but we generally assume your would be wifi stealing neighbours arn't in your house, because if they were they're probably in the process of robbing you.
> 
> Having access to a lot of CPU power doesn't necessarily mean anything.  It needs to have access to the network it's trying to break into.  The U-Haul with the generator sitting next to it in your front lawn would be less than subtle.



Ok, I lose this one, I'll lock it down with wpa2.


----------



## ToeClaws (Mar 31, 2010)

AshleyAshes said:


> Heck I've found that some universities don't secure their WIRED networks so anyone can get internet from any of the bazillion ethernet jacks around the building while the wifi uses user specifici accounts for access.  I've done events at Carleton U and just plugged in a WRT54GL into the wall and bam.



*laughs* Nice.  Yeah, in having talked with other University IT, the approaches to how they distribute the network sure varies wildly from campus to campus.  At UWO, the MAC must be registered before it will function, even then, most jacks are either disabled (if not used) or in other vlans to which there are no dynamic address spaces, so things still won't work just 'cause the MAC is registered.

What we're looking forward to is the entire infrastructure being capable of carrying 802.1x to the port for another level of authorization.


----------



## AshleyAshes (Mar 31, 2010)

ToeClaws said:


> *laughs* Nice. Yeah, in having talked with other University IT, the approaches to how they distribute the network sure varies wildly from campus to campus. At UWO, the MAC must be registered before it will function, even then, most jacks are either disabled (if not used) or in other vlans to which there are no dynamic address spaces, so things still won't work just 'cause the MAC is registered.
> 
> What we're looking forward to is the entire infrastructure being capable of carrying 802.1x to the port for another level of authorization.


 
My understanding is that the ports in the dorms are on a throttled and Mac address provisioned system, but the rest of the entire campus is a free for all.  I dunno what you can actually access on the network without credentials though, we just use it for internet and make no abuses of it.


----------

