K, first off I'd like to say I'm new to this but am quite impressed with this software. One day I decided to put it on my laptop and bring it to campus and sniff around just for fun. Here's what I did:
1. Open up cain
2. Sniffer tab --> Start sniffer --> Add to list --> All hosts in my subnet
3. Long lists of hosts show up...went to APR tab, added EVERYTHING it sniffed up. There had to be hundreds.
4. Start poisoning.
5. Fun begins: Open up password tab, HTTP links that students around me were visiting start pouring in. At the POP3 tab it managed to sniff out some kids college e-mail password. Like most colleges and workplaces, our e-mail accounts share the same user name and password as that we use in to log into our accounts on the campus network. Quite frankly I am rather shocked that it was so easy for anyone to do this, I mean I learned how to get this far from a few google and youtube searches...
Anyway, is there any way I can get more e-mail passwords? You know, of say an account that's more useful to me than some student? I'm not here to vandalize so getting account info of other students and dropping their courses or something like that isn't going to get me anywhere. Staff/admin account info, however...
I got a text file with details regarding what cain sniffed in the APR-POP3S, including what the Pop server is, if that helps.
Thanks. :D
