Cain and Abel not sniffing network activity..

Discussion in 'Ethical hacking' started by faraz_k86, Apr 24, 2010.

  1. faraz_k86

    faraz_k86 New Member

    Joined:
    Apr 23, 2010
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
    Hello :)

    I found this site 2 days back and loved it and have been reading and learning ever since.. I tried to learn sniffing first.. for that I chose 2 applications. ... ettercap and cain and abel..

    I tried ettercap first in my ubuntu installation but it seemed to work only in the terminal and even then it gave me just garbage.. none of the responses made sense.. also the gtk version of ettercap would just hang up on saying, "starting sniffing" or somthing around the lines..

    But my post here is about cain and abel.. I read the built in help and did according to their text.. here is what I did..

    I went to the sniffer section and scanned for mac addresses, from config i chose, dont use promiscuous mode, then clicked on start sniffer and then start APR..

    after that nothing seems to happen.. forget password sniffing I cant even sniff the sites I browse from my other test computer. at the bottom it just says "Lost packets: 0%"

    P.S. I am connected to my router via wlan whereas my target test computer is connected via LAN cable

    help plz :)
     
  2. faraz_k86

    faraz_k86 New Member

    Joined:
    Apr 23, 2010
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
    k never mind... i got it to work.. the problem was that I did not slect the hosts on the right side of new APR poison routing menu..

    now that it is doing something.. it was able to catch my password.. the one my msn messenger used.. but it still did not show me any browser activity..

    am I doing something wrong?
     
  3. faraz_k86

    faraz_k86 New Member

    Joined:
    Apr 23, 2010
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
    why cant i edit the post i just made?

    anyways.. i also dont understand the cracker function.. in the password section of sniffer.. i can choose "send all to cracker" but after that i dont know what to do with em :/
     
  4. faraz_k86

    faraz_k86 New Member

    Joined:
    Apr 23, 2010
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
  5. SpOonWiZaRd

    SpOonWiZaRd Know what you can do.

    Joined:
    May 30, 2007
    Messages:
    746
    Likes Received:
    8
    Trophy Points:
    0
    Occupation:
    Network Engineer/Programmer
    Location:
    South Africa
    To perform a middle man attack in order to sniff passwords both computers have to be on LAN, not WLAN.
     
  6. faraz_k86

    faraz_k86 New Member

    Joined:
    Apr 23, 2010
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
    so cain and abel cant work with wireless networks?? what can be used then?

    will ettercap be able to?
     
  7. SpOonWiZaRd

    SpOonWiZaRd Know what you can do.

    Joined:
    May 30, 2007
    Messages:
    746
    Likes Received:
    8
    Trophy Points:
    0
    Occupation:
    Network Engineer/Programmer
    Location:
    South Africa
    It can sniff and crack WEP and WPA protected networks but in order to do that you will need a USB 802.11 WLAN dongle that is AirPcap Driver compatible. For doing middle man attacks its awesome, the same applies for cracking windows passwords remotely, all you need is to capture the hash and then you right click it and select "Send to cracker". I learnt all the tricks of cain and abel by reading their help file that really helps alot.
     
  8. faraz_k86

    faraz_k86 New Member

    Joined:
    Apr 23, 2010
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    0
    thx.. i did read the help though.. i wanted to monitor network activity.. im more interested in that and not that much in passwords..

    so in order to see what pages the other network computers are viewing.. I will have to get AirPcap driver compatible dongle as well? or can I do it with my built in intel wifi card?
     
  9. SpOonWiZaRd

    SpOonWiZaRd Know what you can do.

    Joined:
    May 30, 2007
    Messages:
    746
    Likes Received:
    8
    Trophy Points:
    0
    Occupation:
    Network Engineer/Programmer
    Location:
    South Africa
    No, the wireless feature in Cain and Abel can not do APR Poisoning, and in order to monitor network activity in such a way that you can see who is doing what, you need to perform APR poisoning, then you select the computer and the router, thus enabling you to sniff all traffic between the two nodes on the network, anything that goes from the target computer to the router WILL first pass trough your computer, then your computer will send the data to the router, and vise versa for data from the router to the target computer... The wireless cracker and sniffer on Cain and Abel only enables you to sniff packets on a WEP or WPA encrypted WLAN network using a AirPcap USB wireless dongle, once you have enough packets you can perform a brute force attack on the ecryption, but with WPA you will first have to inject a Deauth attack on the network to deauthenticae all the users and then they automatically reauthenticate thus giving you the password hash, now with WPA you can only perform dictionary attacks and not brute force. To sniff network activity you must be on a LAN. The best program to sniff LAN activity is Cain and Abel, the best program for Wireless is Aircrack-ng and its compatible with most WLAN cards, I suggest if you buy a card, make sure its chipset is atheros because atheros chipset is compatible with Aireplay, Aireplay is the app you use to inject packets on the WLAN. I hope this cleared things up a bit?
     
  10. dasli

    dasli New Member

    Joined:
    Aug 13, 2009
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    0
    mmm...useful information, but I prefer to use Protemac Meter for monitoring network
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice