Monday, August 24, 2009

Cain and Abel - Basic Terminology Explained

Here are the terms and options you will come across while using Cain. Each one is explained below to help you better understand what the application does.

Sniffer Tab


Allows the user to specify the Ethernet interface and the start up options for the sniffer and ARP features of the application.


ARP Tab

Allows the user, in effect, to fool the network by telling all hosts that you are actually a more important host on the network, such as a server or router. This lets you impersonate the other device and have all traffic for that device “routed” to your workstation. If the machine you are operating from cannot keep up with the traffic generated by this configuration, the target network will slow down and may even come to a halt. This will surely lead to your detection and eventual demise as a hacker, as the event is easily detected and tracked with the right equipment.
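The detection side of this can be as simple as watching IP-to-MAC bindings in ARP replies. The following is an added example, not part of the original post or of Cain: it flags an IP that starts answering from a different MAC and a MAC that claims several IPs. The sample replies, the addresses and the function name find_arp_anomalies are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of ARP replies: (seconds, sender IP, sender MAC).
SAMPLE_REPLIES = [
    (0.0, "192.168.1.1", "00:11:22:33:44:55"),   # gateway, genuine
    (1.0, "192.168.1.20", "AA:BB:CC:00:00:20"),
    (2.0, "192.168.1.30", "aa:bb:cc:00:00:30"),
    (5.0, "192.168.1.1", "de:ad:be:ef:00:99"),   # gateway IP claimed by a new MAC
    (5.1, "192.168.1.20", "de:ad:be:ef:00:99"),  # same MAC now claims a workstation
    (5.2, "192.168.1.1", "de:ad:be:ef:00:99"),   # repeated claim, reported once
    (6.0, "192.168.1.1", "00:11:22:33:44:55"),   # genuine gateway still answering
]


def find_arp_anomalies(replies, static_bindings=None):
    """Return (kind, ip, mac, detail) alerts for suspicious ARP replies.

    static_bindings is an optional {ip: mac} map of known-good hosts (for
    example the default gateway). Without it the first MAC seen for an IP is
    trusted, so a spoofer already active at start-up would be missed.
    """
    known = {ip: mac.lower() for ip, mac in (static_bindings or {}).items()}
    ips_by_mac = defaultdict(set)
    reported = set()
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        trusted = known.setdefault(ip, mac)
        # Rule 1: an IP answers from a MAC other than its trusted one.
        if mac != trusted and (ip, mac) not in reported:
            reported.add((ip, mac))
            alerts.append(("binding-changed", ip, mac,
                           f"t={ts}: expected {trusted}"))
        # Rule 2: one MAC claims more than one IP. Proxy ARP and multihomed
        # hosts do this legitimately, so treat it as a lead, not proof.
        if ip not in ips_by_mac[mac]:
            ips_by_mac[mac].add(ip)
            if len(ips_by_mac[mac]) > 1:
                claimed = ", ".join(sorted(ips_by_mac[mac]))
                alerts.append(("mac-claims-multiple-ips", ip, mac,
                               f"t={ts}: {claimed}"))
    return alerts


if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE_REPLIES):
        print(*alert, sep=" | ")
```

Passing the gateway's real MAC in static_bindings closes the first-seen gap for the one host whose impersonation matters most.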

Filters and Ports

Most standard services on a network operate on predefined ports. These ports are defined under this tab. If you right-click on one of the services, you will be able to change both the TCP and UDP ports. This will not be necessary for this tutorial, but it will be useful in future tutorials.

HTTP Fields

Several features of the application such as the LSA Secrets dumper, HTTP Sniffer and ARP-HTTPS will parse the sniffed or stored information from web pages viewed. Simply put, the more fields that you add to the HTTP and passwords field, the more likely you are to capture a relevant string from an HTTP or HTTPS transaction.

Traceroute

Traceroute is the ability to determine the path that your data will take from point A to point B. Cain adds some functionality to the GUI by allowing for hostname resolution, netmask resolution, and Whois information gathering. This feature is key in determining the proper or available devices to spoof or siphon on your LAN or internetwork.

Console

This is the command prompt on the remote machine. Anything that you can do on your PC from the CMD prompt can be done from here. Examples include mapping a drive back to your PC and copying all the files from the target, adding local users to the local security groups, or anything else really. With Windows, everything is possible from the command prompt.

Hashes

Allows for the enumeration of user accounts and their associated hashes with further ability to send all harvested information to the cracker.

LSA Secrets

Windows NT and Windows 2000 support cached logon accounts. The operating system default is to cache (store locally) the last 10 passwords. There are registry settings to turn this feature off or restrict the number of accounts cached. RAS DUN account names and passwords are stored in the registry. Service account passwords are stored in the registry. The password for the computer's secret account used to communicate in domain access is stored in the registry. FTP passwords are stored in the registry. All these secrets are stored in the following registry key: HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets

Routes

From this object, you can determine all of the networks that this device is aware of. This can be powerful if the device is multihomed on two different networks.

TCP Table

A simple listing of all of the processes and ports that are running and their TCP session status.

UDP Table

A simple listing of all of the processes and ports that are running and their UDP session status.

For now, play around with Cain but be careful!


Cain can be dangerous as it can bring the whole network down!

Still haven't configured Cain? Learn to do it now!
