Problem :
I’m learning to use Kali Linux to scan for online networks using nmap commands. The basic command here is nmap -sS /24 .
I have a question about this nmap commands:
In my house, i have 2 routers
+The first router has Ipv4 : 192.168.1.1
+The Second router has Ipv4: 192.168.15.1
Let’s assume that i can’t connect to the second router because i don’t know the password is. But if i want to know what is the ipv4 address (or default gateway) of the second router ,what command should i use in Kali Linux ? Or it’s just impossible to do so ?
Solution :
I am not sure that can be done using nmap as you need to be in a LAN network with that router. But this can be accomplished using Wireshark tool or any other tool that can capture network packets or basically is a packet filter tool.
WireShark is a tool used to analyze packet filters in the Network. It can filter packets according to IP Address , protocol and other parameters. One of the protocols It can filter is ARP (Address Resolution Protocol) that maps IPv4 address to MAC Address in any Network.
So, By applying ARP Filter, you can get a list of ARP packets transmitted by all devices nearby going through air. From this list You can see the IP Address and MAC Address by expanding the ARP Request section(shown in screenshot below) after selecting any row.
Have a look at this Wireshark Tutorial : ARP packets & this one too. If you are Learning Tools on Kali Linux for Penetration Testing and Hacking Stuffs, this tool is one of the best to learn.
nmap or Kali won’t give you information on the routing table of another device. If you are connected to the second router, you might do a traceroute to see how the traffic is flowing, and infer information about the second router’s routing table from that.
If your router has SNMP enabled, you can walk OID .1.3.6.1.2.1.4.21 for routing table information.