- Install CAIN.
- Now after installation start it.
- go to the configure option in menu bar and in 'SNIFFER' tab choose 'start sniffer on startup' and in 'APR(Arp poison routing)' tab you can fake your ip and mac address .
- Start sniffer by clicking a 'PCB' symbol next to the open button on the toolbar.
- Now in the main pane go to 'Sniffer' and press the '+' button in the toolbar.
- A window will popup select your range and select the 'All tests' option and click ok.
- A list of available hosts is printed.
- Now go to the APR tab in the lower part of the list pane.
- Then go to DOS Prompt, type 'ipconfig /all' without 's and note down the ipaddress of the gateway.
- Select the your target and the default gateway from the list and choose Start.
- Let the app do its work. The whole communication is filtered/routed (sniffed) through your computer.
- While you were ARP Poisoning if the target entered any password which was directed to the default gateway the password will be logged.
- You can check the password in the PASSWORD pane.
- Do not misuse.
- CAIN can be only installed if you have administrator on the system.
- The local passwords will not be logged, only the passwords and usernames exchanged between the targets is logged.
- If you have a switched network some exploits or a simple DoS attack on the device could make it behave like hub this activity is possibly detectable.
- Anyway I am not responsible for any kind of harm by this tutorial.
0 comments:
Post a Comment