This tutorial is from “the antriddle forum” and was written by akapsycho.
This hack is actually pretty new (so IT folk may not be prepared for it yet). It uses cain & abel and its ability to use ARP poisoning. If you don’t know what that means, then DO NOT TRY THIS. You could take down a whole network.
Here are the steps:
Step 1: Download, install and run Cain & Abel at http://www.oxid.it/cain.html
Step 2: Click “Configure” in the top bar.
Step 3: In the “Sniffer” tab, click the adapter which is connected to the network to be sniffed, then click “Apply”, then “OK”.
Step 4: Click the “Sniffer” tab in the main window.
Step 5: Click the network card in the top bar (2nd icon from the left).
Step 6: Click the “+” button in the top bar.
Step 7: Select “All hosts in my subnet”, click “OK”. Entries should appear in the main window under the “IP address”, “MAC address” and “OUI fingerprint” headings.
Step 8: From the “Sniffer” tab, click “APR” in the bottom tab.
Step 9: Click the top right pane in the main window. Click the “+” button in the top bar.
Step 10: Click on the router in the left pane. The router is generally the entry which has the lowest final IP value (xxx.xxx.xxx.*). Highlight the IP addresses to sniff in the right pane. Click “OK”.
Step 11: Click the ARP icon in the top bar (3rd icon from the left). Wait until other users have logged into websites on other computers. Depending on the size of the network and the traffic which this network receives, this can range from minutes to hours.
Step 12: After some time has passed, click “Passwords” in the bottom tab.
Step 13: In the left pane, select the bolded entries. The right pane should show the time, server, username, password (in plaintext) and site accessed.
Doesn’t look like you can grab network admin info, more of a website user/pass hack. Its still pretty kewl though.
For more information a user called “bugmenot” posted these sites to learn what Cain is doing:
Check out the links below to learn exactly what Cain is doing…
I reccomend reading through those site before attempting this hack. Even if you are only testing your home network, you want to understand what you are doing. Hack to learn, remember?
Other than that, hack at it!!!
Legal: DO NOT TRY THIS AT WORK. In all likelihood your IT peeps will see what you’re doing and just walk right up to your office and “Have a chat”. Probably will get you fired. As for universities, I dunno the rules on that. Either way, as with most hacks I post, these are for instructional purposes only and not to be used on anyone’s network but your own. (i.e. if you get caught doing this TMBBITW is in no way responsible for what happens to you or your network.)