Jump to content

HideMyAss.com
Photo

Sniffing LAN Passwords with Cain & Abel

* * * * * 1 votes sniff sniffing lan wan wlan wireless cain and abel cain abel cain & abel passwords facebook youtube accounts

  • This topic is locked This topic is locked
20 replies to this topic

#1
The End

The End

  • 2,402 posts
     

Sniffing LAN Passwords with Cain & Abel

With this, you'll be able to sniff (or, "watch") packets on your network, and extract passwords from them.

 

*You are free to post this tutorial on other forums.

 

Prerequisites

  • Cain & Abel [

    Please Login HERE or Register HERE to see this link!

    ]

 

Sniffing

  • install Cain & Abel
  • if asked about WinPCAP, install that (or update it)
  • open command prompt (cmd)
  • type:
ipconfig

IQ6HIrP.png

  • take note of the IPv4 address
  • take note of the gateway address
  • click start/stop sniffer

P4Y1gZL.png

  • select the device you'd like to sniff
  • click apply & OK

IT9nHDI.png

  • click the sniffer tab

0OMAojb.png

  • press the + button to get a list of all of the devices on our network

tFLDQoa.png

 

ptY0BzR.png

  • all of the devices on your router will appear

HlMspLo.png

 

7ac4hPD.png

  • click the APR tab
  • click in the open space (where my arrow is pointing)
  • click the + again

fnyGICs.png

  • on the left, choose your router (the gateway address from earlier)
  • on the right, choose your desired target device

i9KruWF.png

  • the target device should be idle
  • let's poison the target; click the target device
  • click start/stop APR

7tCPG55.png

  • click the passwords tab
  • click HTTP in the tree on the left

zXxEHof.png

  • wait for target machine to log into things

  • 1

#2
Ninjanon

Ninjanon

    /-\/|/0/|/\'|\/|0|_|5


  • PipPipPipPipPipPip
  • 1,263 posts
  

Nice.


  • 0

#3
cache

cache

    http://tubgirl.ca


  • 2,268 posts
        

Very nice guide.  I'll have to try this out.


  • 0

#4
Ninjanon

Ninjanon

    /-\/|/0/|/\'|\/|0|_|5


  • PipPipPipPipPipPip
  • 1,263 posts
  

I have no idea what I connected to and am poisoning... o.o

 

 

I'm bad at this.


  • 0

#5
vladovescu

vladovescu

    Name


  • PipPip
  • 67 posts

I present you this hypothesis:

I'm in a dorm network, with 300+ active connections.

In this situation, in order to connect to the internet, I need an account + password (have them).

The bandwidth is limited to a "280 quota" and "further traffic will be blocked" if I exceed that quota.

The speed is limited to a 520 kilobytes/second, never increasing.

ARP poisoning would be a total failure (DoS) or an outstanding success?


  • 0

#6
The End

The End

  • 2,402 posts
     

I present you this hypothesis:

I'm in a dorm network, with 300+ active connections.

In this situation, in order to connect to the internet, I need an account + password (have them).

The bandwidth is limited to a "280 quota" and "further traffic will be blocked" if I exceed that quota.

The speed is limited to a 520 kilobytes/second, never increasing.

ARP poisoning would be a total failure (DoS) or an outstanding success?

Good question. I don't know what kind of throughput ARP poisoning does, however I would assume your campuses network runs on gigabit switches & routers. They would likely be able to handle it. Also, if you life in the US, I wouldn't recommend "DDoS'ing" them. Someone in the IT department will have a legal field day once they determine the source of the attack - and that won't take long on a LAN.


  • 0

#7
Xenith

Xenith

    DIRTweb


  • 685 posts
  

yHhchI0.png


  • 0

#8
The End

The End

  • 2,402 posts
     

yHhchI0.png

What were you doing before this happened?


  • 0

#9
vladovescu

vladovescu

    Name


  • PipPip
  • 67 posts

I ran the process, lucky me, Cain allows selecting unique targets for ARP poisoning, so no problems encountered. Pretty boring sniffing session, though, everybody seems to watch Youtube videos. They've probably all checked "Remember password" on their Facebook.

And another thing, the username and password I use aren't mine. I found them written on a crushed display monitor, which was thrown out the window, and now I stole that guy's digital identity.

Believe me, DDoS-ing these shitheads would actually be a good deed.



yHhchI0.png

Try unchecking Pre-poison ARP caches in the "Configure" tab and try again.


  • 0

#10
Xenith

Xenith

    DIRTweb


  • 685 posts
  

Got it to work.


  • 0



Also tagged with one or more of these keywords: sniff, sniffing, lan, wan, wlan, wireless, cain and abel, cain, abel, cain & abel, passwords, facebook, youtube, accounts