Jump to content

Sniffing Around With Cain And Abel


llBlueCherry

Recommended Posts

K, first off I'd like to say I'm new to this but am quite impressed with this software. One day I decided to put it on my laptop and bring it to campus and sniff around just for fun. Here's what I did:

1. Open up cain

2. Sniffer tab --> Start sniffer --> Add to list --> All hosts in my subnet

3. Long lists of hosts show up...went to APR tab, added EVERYTHING it sniffed up. There had to be hundreds.

4. Start poisoning.

5. Fun begins: Open up password tab, HTTP links that students around me were visiting start pouring in. At the POP3 tab it managed to sniff out some kids college e-mail password. Like most colleges and workplaces, our e-mail accounts share the same user name and password as that we use in to log into our accounts on the campus network. Quite frankly I am rather shocked that it was so easy for anyone to do this, I mean I learned how to get this far from a few google and youtube searches...

Anyway, is there any way I can get more e-mail passwords? You know, of say an account that's more useful to me than some student? I'm not here to vandalize so getting account info of other students and dropping their courses or something like that isn't going to get me anywhere. Staff/admin account info, however...

I got a text file with details regarding what cain sniffed in the APR-POP3S, including what the Pop server is, if that helps.

Thanks. :D

Link to comment
Share on other sites

I'm pretty sure NOBODY is going to want to touch that file you have. Extremely illegal. I'm shocked the network admin didnt pick up on your ARP poisoning and come find you. You do not own the network, so don't run things on it.

This this this. College network admins are smart; I wouldn't be surprised if you get an email from them asking about why you did what you did.

Link to comment
Share on other sites

It reminds me of my college back in High School, he got canned for playing around with hacking tools. He used to show me all this cool stuff he did, like taking screen shots of people screen, logging every users PC activity, sniffing all their passwords and then checking out their emails.

He used to be really good but never liked respecting other peoples network. Anyway, you got what I mean and I would strongly advise you to drop what you are doing. Its illegal and frankly speaking could get you expelled. Now I don't know what your intentions are, but do this kind of stuff on your own network.

I know its cool what you did, but think about the consequences. Keep in mind that, everything you do on a network is being monitored and logged and it could be used against you, if they want to catch you. Now something you need to learn, is that when you do something illegal, never go around telling people what you did.

This can have serious consequences for you. I am telling you this from experience. So don't risk it play cool dude!

Edited by Infiltrator
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...