Jump to content

Cain & Abel


tltltititltl

Recommended Posts

Hey! I remember watchin a segment where u guys used cain & abel for arp cache poisoning. I noticed that u were using a dell notebook as well. I currently am using a dell laptop as well and i was wondering if u can use the wireless connection for the sniffer. I couldnt find any mac addresses using the intel pro wireless adapter and on the adapter list, there is also a warning about using an ethernet adapter. I was wondering if u can use a wireless for the sniffer.

Thx

Link to comment
Share on other sites

yes, you can used wirless to ARP poison and thefore create a man in the middle attacxk, but since it's a wireless network, simply puttign ur card in passive mode, and runnign a program such as etherial shoudl do the trcik.. Cain&Abel, does help you by catching passwords, as well as helpign crete fake cirtificates for SSL cross site scriting attacks

Link to comment
Share on other sites

Cain & Able doesn't work that well with wireless setups in my expirence. You can haX0r people using wireless from a cabled connection, but not vice-versa or wireless to wireless.

However, if you slap a linux live disc in there, and cable it in, you see EVERYTHING with ethereal.

Link to comment
Share on other sites

In this particular scenario it might help to understand what Cain is actually doing.

To be honest you don't need to use ARP poisoning to read unencrypted traffic. Really, it's just a matter of firing up Ethereal and having a look at what you get. If you're not associated with the network then you can pop the card into passive mode (easier in Linux than Windows, but it's possible), if you are associated then you're good to go.

All Cain really does is log packets recieved on the interface and look through them for passwords. If you look at Ethereal and log into an unencrypted HTTP Authenticated page you can quite easily spot the packets which contain the password. Cain just makes this easier by putting it into a nice Windows API listbox for you.

In a wired-switched environment, you would need ARP poisoning to make each host send their packets to you before the send them to the gateway. Otherwise the switched network would not forward any packets which are not destined for your host, and you would only see the traffic between you and the gateway. This is the primary use for ARP poisoning.

Link to comment
Share on other sites

  • 6 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...