Hacking mode via LAN Using Wireshark and Cain & Abel
Before that, I apologize if this technique is not a fresh technique in the world of hacking, but the technique can still be used and the majority of network hubs & switches network receipts that are not encrypted.
Why not encrypted?
* Network administrators were mainly IT specialists in creating the program, not in the Network Security
* If the encrypted bandwidth required will increase and of course the internet is already slow this going more slowly and eventually an error page
* The price is not cheap to obtain the encrypted
The difference between a network Hub and Switch:
* On a network hub, all data that flows in the network can be viewed / retrieved by any computer on the network when the computer is requesting the data, if not requested it will not come.
* On the network switches computer only to exchange data that can be seen the data, other computers are not entitled to requesting the data.
The problem is the price of the router hubs and switches do not differ greatly so most places are now using a method that makes it difficult for network switches hacking.
Hacking is using technique:
* Sniffing
* ARP Poison Routing
Both the above techniques will not be prevented by any firewall on the victim's computer, guaranteed.
Important Note: ARP Poison Routing can cause denial of service (dos) on one / all the computers on your network
Pros:
* It will not be detected by the firewall types and any series because of his weakness lies in not on the computer network system
* Can steal all kinds of login password via the HTTP server
* Could someone stole all the login passwords on the network during the course enabled Hub
* For the ARP Poisoning can be used to steal passwords in HTTPS
* All free programs
Disadvantages:
* To network switch must be in the ARP poisoning one by one and your bandwidth will be eaten away a lot for it (if inet super fast ga problems)
* Busted / not by the network administrator outside of my responsibilities
Start here assume that the network in this story there are three computers, namely:
* Computer Victims
* Computer Hacker
* Server
The differences between the network switches and network hubs:
First steps:
1. Check your network type, you are on a network switch / hub. If you are in a network hub, thanks for your hacking process will be much easier.
2. Download the required programs that is Wireshark and Cain & Abel.
Code:
http://www.wireshark.org/download.html
http://www.oxid.it/cain.html
How to Use Wireshark:
* Run the program wireshark
* Press the Ctrl + k (capture and then click option)
* Make sure the content on your Card Ethernet interface is leading to the network, if not replace and make sure that "Capture packets in promiscuous mode" on
* Click the start button
* Click the stop button after you are sure that no password is entered as long as you press the start button
* You can see all types of incoming and outgoing packets on the network (or on your computer only if your network uses Swtich
* To analyze data right click on data to be analyzed and click "Follow TCP Stream" and congratulations to analyze the package (I will not explain how because I can not)
* What is clear from the data in it there must have been entered informasi2 victim to the website and vice versa
The way above will only apply if your network is not a switch Hub
From the above way you can know that your network is a hub / switch with respect to the column IP Source and IP Destination. If at any one of the two lines is your ip so you can be assured the network is a network switch, if not ya mean the opposite.
How to Use Cain & Abel:
* The use of this program is much easier and simple than using wireshark, but if you want all the packets that have been in and out of your use of the program recommended wireshark
* Open the program you Cain
* Click on the configure
* In the "Sniffer" select ethernet card you'll use
* In the section "HTTP Fields" you must add fields username and password fields when you want it not on the list.
For example when inggin steal / hack password FB Friendster or you should add the username fields and fields passworsd name says, for others you can find it by pressing the right click view source and you should seek the input variables from the website login and password. That are already in default rasanyan already quite complete, you can steal the pass is in klubmentari without adding anything.
* After that apply and click ok settingannya
* On the main menu there are eight tabs, and that will be discussed only one tab ie tab "sniffer" because it is the tab select and do not pindah2 of the tab to prevent your own confusion
* Activate the sniffer sniffer by clicking the button at the top of these tab2, look for the button whose writing the "Start / Stop Sniffer"
* If you are on a network hub today you are able to know the password that is entered by clicking the tab (this time under the existing tab instead of in the middle, the middle is no need to click-click again) "Passwords"
* You can just choose a password from which the connection you want to see will be registered there
* If you turned on the switch network, this requires more struggle, you must activate the APR which is on the right tombolonya Sniffer (And this is not guaranteed to succeed because of the switch manage much more complete and secure from the hub)
* Before activated at the bottom of the sniffer tab select APR
* It will be seen two pieces that are still empty list, click an empty part of the list then click the "+" (shaped like it) that exist in the ranks APR sniffer button etc.
* There will be two fields of fruit which contains all the hosts that exist on your network
* Connect the victims ip address ip address and gateway servers (to know the address of the gateway server on the comp you click start select run type cmd then type ipconfig at the command prompt)
* Once the new switch the APR, and all the data from the victim to the server comp you can see in the same way.
You can run both programs at the same time (for APR Cain and wireshark for packet sniffing) when you want maximum results.
You can steal the password is the password in HTTP server (the server that is not encrypted), if such data exist on the server is encrypted then you have to decrypt the data before obtaining a password (STEP 2 and it will require a much longer than the way this hack )
0 comments:
Post a Comment