How to do Sniffing Attack with Cain complete tutorial

http://m14hackersworld.blogspot.com
How to do Sniffing Attack with Cain complete tutorial


Hello friends today i am explaining Sniffing the packet capturing technique.
A Sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet.



Using a sniffer, an attacker can do any of the following:
a) Analyze your network and gain information to eventually cause your network to crash or to become corrupted.
b) Read your communications.

UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks.

It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
Sniffing LAN passwords using Cain & Abel. Download Here
(Works only for ethernet netwoks)


STEP 1- Run Cain and Abel

STEP 2-Now click on the sniffer tab, right click and select Scan MAC Addresses. You will get a window like this:

STEP 3-Check "All tests" and click OK. Cain & Abel will start scanning the MAC addresses in your subnet. This may take a couple of minutes. Once you have a list of hosts for poisoning, start the sniffer and APR (ARP Poison Routing).

STEP 4-All HTTP connections to the scanned hosts will be redirected to your computer and then from your computer will be sent to the host's computer. When the host will fill the HTTP form, the data will be sent to the server through your computer. Cain & Abel keeps a list of form field names. It will extract the values of the fields with the name matching with that in its database.

To view the captured passwords, click on the "Passwords" tab from the lower tabs and click on HTTP in the Left pane. You can see the captured username and passwords in the right pane along with the URL of the page where the password was input.
Previous
Next Post »