Friday, September 4, 2009

Cain and Abel - Using the sniffer to get passwords in 15 STEPS!

Okay, so now when you've learnt all the basics of Cain and Abel and the cracker, let's get to the real business. You are now ready to use the sniffer to get the passwords of the people who are on the same network as you. This is unbelievably simple and also warns us of the dangers we are prone to while we are on a network.

Make sure that you've configured Cain before moving on to read this article. If you still haven't configured it, look at the links at the bottom of this article.

So here is what you have to do:

1>>Open Cain and first of all click on the 'Start sniffer' button in the right top corner of your screen beside the radioactivity sign button. Don't worry you're just activating the sniffer.

2>>Now click on the sniffer tab. It should be blank if you're using it for the first time.

3>>Right click and select 'Scan for MAC addresses' and without touching anything click OK.

4>>Now you have a list of IP addresses and MAC addresses on your network.

5>>Now click on 'APR' tab at the bottom beside the 'hosts' tab.

6>>The function of APR is to Hijack the network traffic and pass it through your computer.

7>>Now single click in the upper segment of the empty form-like space on the right side of the window.

8>>Click on the blue PLUS sign (+) on the top which is meant to add new addresses to poison and sniff.

9>>Here, on the left side you have a list of available addresses. I prefer selecting the address of the router so select the address of the router and then on the right side select the addresses of the computers you want to sniff. You can choose as many computers as you like.

10>>Now just click okay and you'll see that address listed in the upper segment of your screen.

11>>Select the addresses with your mouse and click on the 'Start APR' button which appears like a radioactivity sign.

12>>Bingo! You just started sniffing and poisoning the network.

13>>Now click on the 'Passwords' tab at the bottom and here you have a list of all the activity going on and you can sneak the passwords from here.

14>>For web passwords see the HTTP tab and if you want the login information just click on 'SMB' on the left side of your screen where there is a list of the type of passwords available.

15>>From here, select the password you want to crack, right click it and send it to the cracker.

If you still don't know how to use the cracker, refer to the links below.

Related Posts

Still haven't configured Cain? Learn how to configure it!

Learn how to use the Cain's cracker for a Dictionary Attack to crack passwords!

Learn to use Rainbow Tables to crack passwords!

Want to watch the above tutorial as a video? Click HERE.


Post a Comment