
I am getting into the field of penetration testing and had a question about device information scans. I know that you can scan all of the devices on a network and scan for open ports, and in the process get some information on the devices. This information can be anything from network card info to device OS, model, and software running on it. Let's say in a hypothetical pen test situation you got a staff username and password to some website and you wanted to access it, but you wanted it to be done without raising any suspicion by using it from your own device. For example, let's say you connected a Raspberry Pi to the same network that a proper user would be on and you tried to log in there. Network admins or software could hypothetically see that the device on the network was running Linux and wasn't a commonly recognized device, especially not one that should be trying to log in to the website with those credentials. Could the Pi be "disguised" to look like a different machine so that suspicion wouldn't be raised?

Glorfindel
  • Ethernet adapter that lets you spoof its MAC (to one typical of IT equipment in the organization) and open ports typical of an IT desktop? Unless they have a record of all their issued MAC addresses it would look a lot like a regular piece of equipment to a scan. If there are any authenticated services on IT equipment they expect to respond correctly, that would get pretty tough. – foreverska Apr 08 '22 at 18:49
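
The comment above turns on whether the organization keeps a record of its issued MAC addresses. As an added example (not part of the original post or comment), this is the kind of cross-check such a record allows on the network admin's side: scan results are compared against the inventory's MAC, expected OS and expected open ports. The inventory layout, field names, finding labels and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    os_family: str      # OS the organization issued on this device
    ports: frozenset    # services the standard build is expected to expose

# Constructed inventory; MACs come from the RFC 7042 documentation range.
INVENTORY = {
    "00:00:5e:00:53:10": Asset("Windows", frozenset({135, 445, 3389})),
    "00:00:5e:00:53:11": Asset("Windows", frozenset({135, 445})),
}

# Constructed results of a single scan sweep (not real data).
SAMPLE_SCAN = [
    {"ip": "10.0.0.5", "mac": "00-00-5E-00-53-10", "os": "Windows", "ports": [135, 445, 3389]},
    {"ip": "10.0.0.9", "mac": "00:00:5e:00:53:11", "os": "Linux", "ports": [22]},
    {"ip": "10.0.0.12", "mac": "00:00:5e:00:53:99", "os": "Linux", "ports": [22]},
    {"ip": "10.0.0.20", "mac": "00:00:5e:00:53:10", "os": "Windows", "ports": [135, 445, 3389]},
]

def normalize(mac):
    """Lower-case the MAC and use ':' separators so lookups are consistent."""
    return mac.strip().lower().replace("-", ":")

def audit(scan):
    """Return (ip, reason) findings for hosts that disagree with the inventory."""
    findings, first_ip = [], {}
    for host in scan:
        mac, ip = normalize(host["mac"]), host["ip"]
        asset = INVENTORY.get(mac)
        if asset is None:
            findings.append((ip, "mac-not-issued"))
            continue
        # The same issued MAC answering from two addresses in one sweep.
        if first_ip.setdefault(mac, ip) != ip:
            findings.append((ip, "mac-seen-on-second-host"))
        if host["os"] != asset.os_family:
            findings.append((ip, "os-mismatch"))
        # Services the issued build should expose but this host does not.
        if asset.ports - set(host["ports"]):
            findings.append((ip, "expected-ports-closed"))
    return findings

if __name__ == "__main__":
    for ip, reason in audit(SAMPLE_SCAN):
        print(ip, reason)
```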

0 Answers