Jump to content

I don't quite get Cain and Abel and ethereal


PoyBoy
 Share

Recommended Posts

It would be really nice if some kind soul could explain the two and what they are used for.

Also, my friend got a wireless router, upgraded from wired, and he kept telling me that because he used a 64-bit (hehe) WEP encryption, that I wouldn't be able to crack it. My plan is that next time I go over to his house, and spend the night, or something, I was going to bring a cheap laptop with my wifi card (usb, if it makes any difference) and plug it in someplace inconspicuous and let it run. Only problem is, I lack the understanding of the above tools to properly audit trafic running through a network. The other problem is that I believe his main computer, which is the only one besides a nintendo DS, is wired directly to the router. Is there a way around this to allow snooping? Maybe plugging the laptop into the router also?

Also, One more question: are the WEP keys stored locally on a machine?

I have no idea. Any help would be apreciated!!!!

***post if you need more info on something!!!***

-PoyBoy the hacking unenlightened (as of yet!!)

Link to comment
Share on other sites

First off I'd like to thank you for asking intelligent, coherant questions. :) We don't see enough of that around here.

You asked a lot of questions, so I'm only going to touch on a few and let someone else fill in the blanks.

Ethereal is a tool for grabbing data as it flows through the network.

http://en.wikipedia.org/wiki/Ethereal

Cain & Abel is an easy to use program which combines many different security and password-related tools.

http://www.oxid.it/cain.html

There are tutorials for both all around the web. Search google and watch Hak.5 episodes 3 & 4. (I think it was those)

As you may know, a WEP key (especially only 64-bit) is very insecure. It's very possible that a skilled individual could crack it in a matter of a few minutes.

(if you want more information relating to this, go to http://grc.com/securitynow.htm and listen to the shows from the beginning. 10, 11, and 13 are specifically related)

You probably won't be able to snoop traffic from a computer if it's wired in.

Security Now ep.10 explains this more. (and it's mentioned in 15, 16, 29, and probably others)

WEP keys are in fact stored on the computer. Cain & Abel could be used to retrieve them as they are normally hidden. Obviously, a computer that is plugged in to the router will not need this key and will not have it. And you can't run C&A on a DS ;)

It is possible to run Cain off of one of those USB flash drives so maybe that would work if you have a few minutes of access to a computer of his that's wireless, but don't want to install anything.

As far as actually cracking the WEP key (without touching his computers), that's very possible, but can be hard if you don't have the experience and are still learning. Download this episode to get an idea of what it involves: http://stashbox.fromtheshadows.tv/download.php?b=3.0

I hope that helps a bit.

EDIT: w00t! 100th post!! :)

Link to comment
Share on other sites

also for wep cracking this

is what tought me to do. i just like the deuath attacks on wifi areas

Yeah, pretty great article. The guy who wrote it shows you how to do parts of it in that FromTheShadows episode I pointed out.

I also noticed this one on digg today.

Link to comment
Share on other sites

I would not concern your self about this however, in my experiance schools higher people with Microsoft certificates to maintain there network, these kind of people don't know what a TCP or UDP packet is... alot of the time...

Link to comment
Share on other sites

I'd also say you don't have a lot to worry about, but for a rather different reason:

Do you have ANY IDEA how much traffic goes across a school network on a daily basis? They only way they're gonna find out you're messing about is if you go ouot of your way to stand out in the traffic, or if they were already keeping an eye on you in the first place.

I also don't know many schools who can afford to have their admins keep an eye on the students. They're WAY too busy keeping the systems running and pached up, installing and testing new software, administerring the network and what have you.

Link to comment
Share on other sites

First off I'd like to thank you for asking intelligent, coherant questions. :) We don't see enough of that around here.

You asked a lot of questions, so I'm only going to touch on a few and let someone else fill in the blanks.

Ethereal is a tool for grabbing data as it flows through the network.

http://en.wikipedia.org/wiki/Ethereal

Cain & Abel is an easy to use program which combines many different security and password-related tools.

http://www.oxid.it/cain.html

There are tutorials for both all around the web. Search google and watch Hak.5 episodes 3 & 4. (I think it was those)

As you may know, a WEP key (especially only 64-bit) is very insecure. It's very possible that a skilled individual could crack it in a matter of a few minutes.

(if you want more information relating to this, go to http://grc.com/securitynow.htm and listen to the shows from the beginning. 10, 11, and 13 are specifically related)

You probably won't be able to snoop traffic from a computer if it's wired in.

Security Now ep.10 explains this more. (and it's mentioned in 15, 16, 29, and probably others)

WEP keys are in fact stored on the computer. Cain & Abel could be used to retrieve them as they are normally hidden. Obviously, a computer that is plugged in to the router will not need this key and will not have it. And you can't run C&A on a DS ;)

It is possible to run Cain off of one of those USB flash drives so maybe that would work if you have a few minutes of access to a computer of his that's wireless, but don't want to install anything.

As far as actually cracking the WEP key (without touching his computers), that's very possible, but can be hard if you don't have the experience and are still learning. Download this episode to get an idea of what it involves: http://stashbox.fromtheshadows.tv/download.php?b=3.0

I hope that helps a bit.

EDIT: w00t! 100th post!! :)

Ethereal is so much more than that.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...