Hack Computers using Cain and Abel
, Posted by Sahil™ at 2/26/2010 11:34:00 PM
Cain and Abel (sometimes called simply "Cain") is a Windows password recovery tool. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks. Cryptanalysis attacks are done via rainbow tables which can be generated with the winrtgen.exe program provided with Cain and Abel. Cain and Abel is maintained by Massimiliano Montoro.
Cain & Abel is a useful tool for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons.
Status with virus scanners
Some virus scanners, notably Avast! detect Cain and Abel as 'malware' "Win32:Cain-B [Tool]". It's classified in Avast! as "Other potentially dangerous program". The author, and owner of oxid.it states that his programs are not Malware. Even if Cain's install directory, as well as the word "Cain", are added to Avast's exclude list, the real-time scanner will stop Cain from functioning. The latest version of Avast no longer blocks
The Tutorial:
* Download Cain and Abel from www.oxid.it
* Should have a switched LAN. (Most ISPs other than BSNL provide broadband via LAN, e.g. SIFY, HATHWAY, local Cable internet connections)
* Any Microsoft Windows operating system.If you are not sure about being on a switched network, continue the steps, until you find out.
1. Download and install Cain and Able from the link given above.
2. Start Cain and Abel (requires admin privileges in Vista), go to the sniffer tab, click on the configure menu, select your NIC, check 'start sniffer on startup', press 'OK'.
3. Click on the 'Start / Stop Sniffer' (the 2nd) button on the toolbar. Now click the blue '+' (plus) sign (this is the 7th button on the toolbar). Check 'All Tests' and click 'OK'.
4. After the scan is complete, if you are on a switched network then, you must be able to see many IP and MAC addresses in this pane. If you don't see any IP other than your own, probably you are not on a switched network.
5. Notice the tabs on the bottom, HOSTS, APR, Routing, Passwords, and VoIP. You are currently on the HOSTS tab, select the APR tab click on the 'top pane' and click the 'blue +' (7th on toolbar).
6. Now you will again see the IP & MAC address (in the left pane) you saw in Step 5. From this list, select your 'Gateway IP', (this will mostly be something like 192.xxx.xxx.1 or 10.xxx.xxx.1 etc; check your network properties for more info on gateway.) after selecting your 'Gateway IP Address' (now some IP will appear on the right); drag and select all the entries in the right pane, and click 'OK'.
7. Now click on the 'Start/Stop APR' (the 3rd) button on the toolbar. You will see 'HALF ROUTING' and 'FULL ROUTING' entries in the lower pane.
8. Now go to the Passwords tab on the bottom. Slowly you will see passwords appearing in this section; most will be under HTTP.
The password section gives you full details on the capture, including Username, password, URL, etc. Any person who was online during the time you completed Steps 3 – 5, will be affected, and you will have access to their passwords.
Currently have 0 comments: