Friday 3 August 2012

Sniffing Passwords Using Cain and Abel


Step 1: First, download the Cain and Abel application.
Website: Click Here.
Direct Download: Click Here.


Step 2: Install the application and then open it.


It will look like this:
[Image: 26759668.jpg]

Step 3: Click on the SNIFFER tab at the top and the Host tab at the bottom.

Now we need to configure the sniffer. Choose which network device you want the sniffer to use (use one of the devices connected to the network that you want to monitor).


Step 4: Click Configure in the toolbar and you will see this Configuration Dialog.


Choose your network device.

[Image: 25408317.jpg] 


Step 5: Now start sniffing on the selected device. To do that, click on the sniffing button (1), then on the '+' button (2).

[Image: 58474071.jpg]

When you click on the '+' button, the MAC Address Scanner menu will pop up. This will scan for devices in the range you set.




The easiest thing to do is to select 'All hosts in my subnet' and then click OK.
[Image: 95168851.jpg]

Now it will start scanning the network for devices on that network.
[Image: 88128926.jpg]
The devices found will show up in the background during the scan.


Step 6: Now we should start the ARP poisoning.


To do that, first click on the ARP tab.
Keep the SNIFFER tab selected too.
Now in the left column click ARP, and the + should turn blue. Click on it.


Now a menu like this will pop-up.
[Image: 83202361.jpg] 



The left side column is where you select the ROUTER.
Mine for example is 192.168.1.1.


After you select it, the other devices on the network will show up in the right-hand column.
Select them all, or whichever IPs you want to sniff for traffic.

[Image: 70338696.jpg]


Step 7: Now we should start poisoning the devices.
So click the toxic icon next to the Sniffer button.


All the statuses should turn to "poisoning", and in the lower cells you might start seeing traffic going in and out.

[Image: 67218982.jpg]


Step 8: After seeing some traffic flowing in and out, you should look for passwords.
So now click the PASSWORD tab at the bottom.
The password list will show up. On the right-hand side it will show what type of password it is, for example HTML5, POP3 (email) and more.

Here is the example log I got.

[Image: 34071615.jpg]

As you can see, it's a little messy, but in one of the logs you can see the username HACKFORUMS and the password TEST1234.
Also note that the user field and password field are username= and password=, which may make it easier to filter when you get more logs.





Enjoy Sniffing :)
