Cain and Abel ARP Poisoning Problem

Lets get down to business on ASM, reverse engineering, product activation, and what it's really all about. [ THERE ARE NO WAREZ HERE ]

Cain and Abel ARP Poisoning Problem

Postby Ninjalemon » Thu Sep 17, 2009 10:24 am

Hey guys. I used Cain a long time ago on my system and it worked perfectly. However, when I attempted to use it again more recently, I've been having problems. Both the username and password from sites such as ebay, gmail, facebook etc. etc. seem to be encrypted. I tried sending them to the cracker but that didn't work. I'm using the exact name router and machine(s) as before. Any ideas as to why it isn't working? Here's a screenshot of what's coming up when I try to intercept the passwords from the IP traffic:

Image
Ninjalemon
n00b
 
Posts: 1
Joined: Thu Sep 17, 2009 10:06 am

Re: Cain and Abel ARP Poisoning Problem

Postby stasik » Mon Oct 05, 2009 1:15 pm

if i am not mistaken, long ago gmail was using HTTP, and u had to go in setting and select in order to use HTTPS. now it uses HTTPS by default. maybe thats the issue in ur case. does it works ok for some ordinary email (mail.com, mail.ie, mail.ru, etc...)?
User avatar
stasik
Guru
 
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Thats me!

Postby gasemeplayday » Tue Feb 09, 2010 3:15 pm

Hi, as you can see this is my first post here.
Hope to get some assistance from you if I will have any quesitons.
Thanks and good luck everyone! ;)
User avatar
gasemeplayday
n00b
 
Posts: 3
Joined: Sat Jan 23, 2010 4:54 pm
Location: France

Introduction

Postby gasemeplayday » Wed Feb 10, 2010 11:46 am

Hi, as you may already discovered I'm fresh here.
I will be glad to receive any assistance at the start.
Thanks in advance and good luck! :)
User avatar
gasemeplayday
n00b
 
Posts: 3
Joined: Sat Jan 23, 2010 4:54 pm
Location: France

Re: Cain and Abel ARP Poisoning Problem

Postby Cool_Fire » Tue Mar 16, 2010 1:39 pm

All the login systems you've mentioned use ssl, which means basically you're screwed as far as sniffing the traffic goes. You could try setting up something like SSLStrip. This basically means you would make the secure connection and send the unencrypted data on to the client.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!

Hackerthreads chat, where the party is going 24/7.
User avatar
Cool_Fire
Not a sandwich
 
Posts: 1686
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d

Re: Cain and Abel ARP Poisoning Problem

Postby SLaX » Sun Apr 24, 2011 12:12 am

Yes, Google uses SSL with TLS encryption. Some other email providers are not as secure.
User avatar
SLaX
Apprentice
 
Posts: 44
Joined: Fri Aug 17, 2007 2:13 pm
Location: Somewhere


Return to Apps & RE

Who is online

Users browsing this forum: No registered users and 0 guests

cron