Stealing passwords in LANs. Dis article is all abt daStealing passwords from LAN.
Requirement:: CAIN(from http://www.oxid.it/), a computer with ethernet card, and a LAN(obviously!)
Working Principle::
* Install CAIN.
* Now after installation start it.
* go to the configure option in menu bar and in 'SNIFFER' tab choose 'start sniffer on startup' and in 'APR(Arp poison routing)' tab you can fake your ip and mac address .
* Start sniffer by clicking a 'PCB' symbol next to the open button on the toolbar.
* Now in the main pane go to 'Sniffer' and press the '+' button in the toolbar.
* A window will popup select your range and select the 'All tests' option and click ok.
* A list of available hosts is printed.
* Now go to the APR tab in the lower part of the list pane.
* Then go to DOS Prompt, type 'ipconfig /all' without 's and note down the ipaddress of the gateway.
* Select the your target and the default gateway from the list and choose Start.
* Let the app do its work. The whole communication is filtered/routed (sniffed) through your computer.
* While you were ARP Poisoning if the target entered any password which was directed to the default gateway the password will be logged.
* You can check the password in the PASSWORD pane.
NOTE:-
* Do not misuse.
* CAIN can be only installed if you have administrator on the system.
* The local passwords will not be logged, only the passwords and usernames exchanged between the targets is logged.
* If you have a switched network some exploits or a simple DoS attack on the device could make it behave like hub this activity is possibly detectable.
* The thoughts and whole written are my own, and in anyway I am not responsible for any kind of harm by this tutorial.
SERIOUSLY FOR EDUCATIONAL PURPOSES!!
Post a Comment
I'm certainly not an expert, but I'll try my hardest to explain what I do know and research what I don't know. Be sure to check back again , after moderation i do make every effort to reply to your comments .