Paralys Posted January 5, 2007

Well, I don't mean to sound like a skiddie, and this will. But I have a few questions. Nor do I intend to use these tools for anything malicious; I'm only very curious as to how they work and how secure they actually are. Well, here we go (flame away if you find it n00bish, and yeah, I read the documentation for all this stuff too, so RTFM won't help lol). I've been trying to learn more programming and hacking by using my own knowledge, not skiddie tools. Though after this long, I've decided that even though they're sorta n00bish, I at least should understand how to use them.

1.) When I'm running Cain and Abel, it has a choice for IP Spoofing. I assume I can put a proxy server in here; if I'm incorrect, someone please explain how IP Spoofing works.

2.) When I tried scanning my own home network with Cain and Abel, I get an error message and the program closes itself when I try to read the packets that it's caught. It's the whole "process has performed an illegal action and needs to close" spiel.

3.) If I ran a packet sniffer on a network, what data would it give away that could be traced back to me? (Once again, I only wish to know how to do this because how the programs work interests me greatly.)

4.) Where can I get more wordlists for Brutus? (I realize that brute forcing is a last resort, extremely obvious option.)

5.) When I'm using a proxy on the net, does it keep logs of my actions, and also, am I traceable if I'm on a proxy? Could someone teach me how to trace myself when I'm behind a proxy?

6.) And finally, if I disconnect from a proxy, am I still traceable?

Please don't flame, I've not really bothered working with these tools until now, and I'm having a small amount of trouble understanding them. Thanks everyone. Have a nice '07.

Paralys
Sparda Posted January 5, 2007

> 1.) When I'm running Cain and Abel, it has a choice for IP Spoofing. I assume I can put a proxy server in here; if I'm incorrect, someone please explain how IP Spoofing works.

IP spoofing is where the packets you transmit are 'mislabelled' with an IP address that isn't the one assigned to your computer.

> 2.) When I tried scanning my own home network with Cain and Abel, I get an error message and the program closes itself when I try to read the packets that it's caught. It's the whole "process has performed an illegal action and needs to close" spiel.

Try reinstalling Cain.

> 3.) If I ran a packet sniffer on a network, what data would it give away that could be traced back to me? (Once again, I only wish to know how to do this because how the programs work interests me greatly.)

The idea of packet sniffing is to listen to network traffic (the key word here being listening).

> 5.) When I'm using a proxy on the net, does it keep logs of my actions, and also, am I traceable if I'm on a proxy? Could someone teach me how to trace myself when I'm behind a proxy?

Yes and yes. Usually you will only be 'traced' (as you put it) if any actions you perform that you are not supposed to are brought to the attention of the server admin.

> 6.) And finally, if I disconnect from a proxy, am I still traceable?

What do you mean by this?
Ain_Soph_Aur Posted January 5, 2007

I also have a question about this. If I use the "MITM" attack (the one like in ep3), can anyone track me down, or is it silent so no one will ever know?
Sparda Posted January 5, 2007

Some firewalls can detect ARP spoofing attacks and prevent them from working.
PoyBoy Posted January 6, 2007

A sharp admin MAY pick up on too much ARP traffic, but chances are, nobody will notice.
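Sparda and PoyBoy both point at the two things a defender actually watches for: a known IP suddenly being answered for by a different hardware address, and one station sending far more ARP replies than a normal host would. The script below is an added example (not code from this thread or from Cain) that runs both checks over a small, constructed set of ARP replies; the addresses and timestamps are made up for the demonstration, and the window and threshold values are assumptions you would tune for your own LAN.

```python
"""ARP spoofing detector over a constructed sample of ARP replies.

Added example, not code from the thread. It models two signals a sharp
admin or an ARP-aware firewall would key on: an IP address that starts
being claimed by a different MAC address, and a single MAC emitting an
unusual volume of ARP replies in a short window. All records below are
constructed sample data; the addresses are not real hosts.
"""
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class ArpReply:
    ts: float         # seconds since capture start (constructed)
    sender_ip: str    # IP the sender claims to own
    sender_mac: str   # hardware address carried in the ARP payload


class ArpSpoofDetector:
    """Tracks IP->MAC bindings and per-MAC reply rates."""

    def __init__(self, window_s=2.0, rate_threshold=5):
        self.bindings = {}                 # ip -> first MAC seen for it
        self.recent = defaultdict(deque)   # mac -> reply timestamps in window
        self.window_s = window_s           # assumed sliding-window length
        self.rate_threshold = rate_threshold  # assumed max replies per window
        self.rate_alerted = set()          # MACs already reported for flooding

    def observe(self, r):
        """Feed one ARP reply; return a list of alert tuples (may be empty)."""
        alerts = []

        # Signal 1: an IP we have a binding for is now claimed by another MAC.
        known = self.bindings.get(r.sender_ip)
        if known is None:
            self.bindings[r.sender_ip] = r.sender_mac
        elif known != r.sender_mac:
            alerts.append(("binding_change", r.sender_ip, known, r.sender_mac))

        # Signal 2: too many replies from one MAC inside the sliding window.
        q = self.recent[r.sender_mac]
        q.append(r.ts)
        while q and r.ts - q[0] > self.window_s:
            q.popleft()
        if len(q) > self.rate_threshold and r.sender_mac not in self.rate_alerted:
            self.rate_alerted.add(r.sender_mac)
            alerts.append(("reply_flood", r.sender_mac, len(q)))
        return alerts


# Constructed capture: a gateway and a host answer normally, then a third
# station starts answering for both of them in rapid alternation.
GATEWAY_MAC = "aa:aa:aa:aa:aa:aa"
HOST_MAC = "bb:bb:bb:bb:bb:bb"
ROGUE_MAC = "cc:cc:cc:cc:cc:cc"

SAMPLE = [
    ArpReply(0.0, "192.168.1.1", GATEWAY_MAC),
    ArpReply(0.5, "192.168.1.10", HOST_MAC),
    ArpReply(1.0, "192.168.1.1", ROGUE_MAC),
    ArpReply(1.2, "192.168.1.10", ROGUE_MAC),
    ArpReply(1.4, "192.168.1.1", ROGUE_MAC),
    ArpReply(1.6, "192.168.1.10", ROGUE_MAC),
    ArpReply(1.8, "192.168.1.1", ROGUE_MAC),
    ArpReply(2.0, "192.168.1.10", ROGUE_MAC),
]


def run(replies=SAMPLE):
    """Run the detector over a reply list and return every alert raised."""
    det = ArpSpoofDetector()
    out = []
    for r in replies:
        out.extend(det.observe(r))
    return out


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

Over the sample, every reply from the third station conflicts with a binding the detector already learned, so six binding_change alerts fire, and the sixth reply pushes that MAC over the rate threshold for one reply_flood alert. A binding change on its own is only a lead, not proof: DHCP handing the address to a new machine, or a replaced NIC, produce the same signal, which is why the detector reports rather than blocks.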
Paralys Posted January 6, 2007 Author

@ Sparda

As far as the spoofing goes, I'm still a bit confused. Can I use a proxy as the fake IP, or do I use another IP that is on the network already? And also, what I mean about the last proxy question is, let's say I did something and then someone tried to find me even though I was behind a proxy. If I disconnected from the proxy, am I still traceable, or is my IP recorded in the logs of that proxy server? (Also, if anyone could show me how to find myself when I'm behind a proxy, that would be cool too.)
ichthuz Posted January 6, 2007

<offtopic> this is a perfect example of good newbie questions that are not like "1 am t3h l33tzor haxor now h0w dooox i h4x teh m$ hotm4ail. adresses. tell me or i will f0x y0ur m0mxxx". you'll notice that when people are BSing, sparda takes them down. on this one he recognised good questions and responded respectfully. way to go Paralys. </offtopic>

> 6.) And finally, if I disconnect from a proxy, am I still traceable?

i think he means can he be traced after the fact. like if he uses anonymizer, can the FBI subpoena them for logs and trace him a month later. the answer is yes... but you aren't doing anything you shouldn't anyway ;-)
Sparda Posted January 6, 2007

> As far as the spoofing goes, I'm still a bit confused. Can I use a proxy as the fake IP, or do I use another IP that is on the network already?

You can use any IP address; you can even use the local loopback address.

> And also, what I mean about the last proxy question is, let's say I did something and then someone tried to find me even though I was behind a proxy. If I disconnected from the proxy, am I still traceable, or is my IP recorded in the logs of that proxy server?

Yes, all activity is usually logged and stored for a certain amount of time.
VaKo Posted January 6, 2007

You could just compromise someone else's server or VPS, and proxy through that. Yeah, it's illegal and isn't nice for the server owner, so if you do it, don't take the piss: keep the traffic low and keep your entry points secure so no one else can follow you in. When you don't need it anymore, lock yourself out of the server again. That way you're at least being an honest & respectful criminal. The public proxies you can find with Google should never be used for anything you don't want other people knowing about. You could also try Tor or similar.
Teengeek Posted January 6, 2007

Bah, why use a proxy when you've got TOR? TOR rules, and from my understanding of TOR it's very hard to trace.

Linux Live CD with TOR installed: http://www.jk.net.au/tech/index.php?do=go&...ytternhagen.de/
Paralys Posted January 6, 2007 Author

@ ichthuz
Thanks, that was exactly what I was asking about the proxy. I figured they were logged, but I wasn't sure.

@ Sparda
Thanks for all the help on this. Though I don't plan on using Cain and tools of that nature often, I thought it would be rather useful to understand how they work, not only for hacking, but I was also seeing how much I could spy on myself (just to know how secure all the stuff on my own network is).

@ VaKo
I've heard of people going through others' computers to do that before. If you could send me some sort of tutorial on how to do this (and more preferably, how to make my network safe against it).

Thanks for all the help so far everyone. Also, still curious as to how to trace myself back through a proxy.
ichthuz Posted January 7, 2007

> Teengeek: and from my understanding of TOR it's very hard to trace

quite obviously you don't understand TOR. tor is not hard to trace, tor is impossible to trace unless ALL the routers are compromised. all data is layered in encryption and padded to be unrecognizable and untraceable
Sparda Posted January 7, 2007

> quite obviously you don't understand TOR. tor is not hard to trace, tor is impossible to trace unless ALL the routers are compromised. all data is layered in encryption and padded to be unrecognizable and untraceable

Nothing is impossible.
SomeoneE1se Posted January 7, 2007

> and from my understanding of TOR it's very hard to trace

> quite obviously you don't understand TOR. tor is not hard to trace, tor is impossible to trace unless ALL the routers are compromised. all data is layered in encryption and padded to be unrecognizable and untraceable

Quite obviously you don't understand TOR's exploits. There are a few ways to get the IP from someone using TOR.
Paralys Posted January 7, 2007 Author

Ok, this'll sound worse than my other questions probably lol, but I'm assuming TOR is the same as TORpark? Also, my laptop has a small slot/tray sort of thing on the front which is where my HD goes in. Since the drive and the door for it still hold on well without the screws, I took them out and can now switch hard drives in somewhere around 25 seconds. Let's say I was using one of these tools (or doing anything as far as a hack goes) that could be traced by IP address, and then I spoofed my IP. Out of curiosity, if I switched my drive, would it be possible to find out that that computer was the one running the tools? (I'm not aware of any way that it could store anything about it on the new hard disk.)
moonlit Posted January 7, 2007

I think the only way to identify the computer after switching disks would be the NIC's MAC. This can be spoofed though, so it's still not 100% identification.
Paralys Posted January 7, 2007 Author

> I think the only way to identify the computer after switching disks would be the NIC's MAC. This can be spoofed though, so it's still not 100% identification.

I hate to ask for so much, but do you have any links on how to spoof a MAC? I'll be googling for it until I come back to check this thread.
cooper Posted January 7, 2007

The way I understand it, it's something like this:

By default, the computer will tell the card to just send *THIS* as a packet out there. The card will wrap it up in an ethernet frame, filling in all the fields for you, and send it on its way.

An alternative is to tell the card to just inject a bunch of bits into the network. This will require elevated privileges on the sending machine, as it does quite literally allow you to send any sequence of bits that you feel like, even though the machine is supposed to adhere to the network protocols and such.

When you do things like this, however, you can format that bunch of bits in such a way that it becomes a legal ethernet frame, but with the contents of your choosing. You can replace any field in the frame, including the part that holds your MAC address.
VaKo Posted January 7, 2007

> @ VaKo
> I've heard of people going through others' computers to do that before. If you could send me some sort of tutorial on how to do this (and more preferably, how to make my network safe against it).

1: find somewhere with simple admin passwords (like the guy who complained to me that his dedicated Windows server, with an admin pass set to "Password1", had been hacked).
2: get in, and install a proxy
3: route your traffic through that.
(for bonus points - 4: When you're done, email/message the admin and tell him/her that their server is wide open to the world. Explain how this should be fixed.)

When it comes to hacking people's servers, I have no real skill at all. I just look for the ones run by people with less sense than me, and work out what they've left open. No point in trying to fight your way through semi-decent security when the guy next door has none. Blank or stupid passwords are like living in the hood and forgetting to install locks.
Paralys Posted January 7, 2007 Author

> The way I understand it, it's something like this:
> By default, the computer will tell the card to just send *THIS* as a packet out there. The card will wrap it up in an ethernet frame, filling in all the fields for you, and send it on its way.

Card? I assume you meant wireless card; however, in this case I was running Cain through a wired network. It does still catch packets from a wired network as long as I'm plugged in, doesn't it?

@ VaKo
Though I like the whole White Hat aspect of sending them a mail to fix it before someone does something really stupid to their network, doesn't it make you feel a bit uncomfortable to send an email to someone's network that you just hacked? I mean, kinda like you're letting out too much information about yourself?
moonlit Posted January 7, 2007

Well, there are ways of doing it on wired and wireless networks as far as I know, since they're all actually ethernet, and wires or no wires, it's all the same thing.
VaKo Posted January 7, 2007

> @ VaKo
> Though I like the whole White Hat aspect of sending them a mail to fix it before someone does something really stupid to their network, doesn't it make you feel a bit uncomfortable to send an email to someone's network that you just hacked? I mean, kinda like you're letting out too much information about yourself?

If you cover your tracks you should be able to get away with it. Obviously saying "hey hey hey fool, I be pwning massive hard on your b0x. Port 8443 be wicked unsecured. Word." with your personal email is a bad idea. But a throwaway mail account, Tor and a quick email saying "I've noticed that your server isn't set up in the most secure fashion; here is a list of the problems, here is how to fix it, and here are the details of the tech support team you need to contact if you need to discuss this with anyone." If you have been stealing someone else's resources for your own needs, telling them that much is kinda a karma balancer imo.
Paralys Posted January 7, 2007 Author

Well, one last question and I suppose this thread is more or less finished (unless anyone else has anything to add). Tor is the same as TORpark, right?
VaKo Posted January 7, 2007

TORpark is just a modded version of Deerpark (Firefox) which uses the Tor network.
Paralys Posted January 7, 2007 Author

Oh, ok, I remember watching the episode with this (Tor) in it now. Wow, feel sorta dumb for that one lol. Thanks VaKo, and thanks for your help everyone.