Page 3 of 5

Posted: Mon Oct 24, 2005 11:34 am
by Tenchuu
Which function of Cain is said to work over WAN? Basically Cain is used for Netbios accesses, sniffing and cracking. None of these functions will work in a routed network. That's why there are VPN's and FTP's
Theoretically Netbios works over TCP/IP, but I've never seen it so far

Posted: Tue Oct 25, 2005 7:06 pm
by Ramius
Yes, it will work over the internet, so long as you are running it from a Public IP (Not Dial UP). the remote PC has to have the NetBios Ports open on the internet as well, however, there are not many of them that have not already been hacked. I test hosts with this all of the time. Make sure you are hitting an actual host and not a router as cain wont connect ot a router the same way as a workstation.

RK

Posted: Fri Nov 18, 2005 12:58 am
by rockymac1
hi i m new to hacking.i m using cain.but when i right click on user it gives user inumeration error-access denied.what could be the mistake..all lan connected pc are having same dns settings.plz help me

Posted: Sun Nov 20, 2005 2:07 pm
by Ramius
The reason that you get the access denied is because of a Group Policy setting that is preventing the enumeration of anon sids. You should go after the DC first, as many Admins are reluctant to set this setting on their domain controllers (or they dont know the difference between "Local", "Domain Local", and Domain Controller group policy settings. Additionally, if you will attempt this on every PC on the domain, you will surly find at least one pc that does not have this setting, if you do, then look to see if there is a user account on a workstation that has domain rights. From there you can log in as that user, then you will no longer be anon, and then you can enumerate the Sids and users.

From there it is up to you....

RK

Posted: Mon Nov 21, 2005 1:42 am
by rockymac1
thanks for your suggestion
but i cant find the computer of that kind in the network.But i want to see it working.so plz tell me the detailed step to configure two computers in a lan(not activating the allow user to connect remotely option).
say my computer is in domain MSHOME.so whethere i have to make the other pc in same domain that is MSHOME for the cain to give no inumeration error.plz tell in details.bcoz i m beginner and want to acquire detailed knowledge on networking.i think you wiil help me to achieve my goal


thanks

Posted: Mon Nov 21, 2005 1:50 am
by Ramius
the domain name is not important.

You need to research NetBios as well as SMB. The underlying requirement of open ports and services. If both machines are XP SP2 and have the Firewall enabled, you are likely to have problems.

There are too many vairables to consider for this scenario.

" m beginner and want to acquire detailed knowledge on networking.i think you wiil help me to achieve my goal "

Start off by buying a CompTia Network Plus study book, then read it, then read it again. Then you will have a basic understanding of networking in a client/server infrastructure, the process in question will make a great deal more sense once you understand some basic concepts.

Also, if they are both your computers, then right clisk on the computer name and click, "Connect As", then enter your credentials, then go from there.

RK

Posted: Mon Nov 21, 2005 12:24 pm
by rockymac1
thanks 4 ur quick quick reply
i have tried it in two computers having no sp2 installed & firewall disabled .but inumeration error-access denied occurs.plz give me the detailed step of running it using two lan connected pcs
thanks

Posted: Mon Nov 21, 2005 2:01 pm
by UniX
Start off by buying a CompTia Network Plus study book, then read it, then read it again. Then you will have a basic understanding of networking in a client/server infrastructure, the process in question will make a great deal more sense once you understand some basic concepts.
It seems like he already answered your question for you right there.

Posted: Tue Nov 22, 2005 11:39 am
by rockymac1
i havent understand ,what to set in group policy.where can i find group policy settings and what settings need to be done to have cain working on two lan connected pc.plz tell in such a way that a beginer like me can understand what u r trying to say. [ :roll:]

Posted: Sat Nov 26, 2005 2:58 am
by Ramius
Either Admin Rights or, more understanding of computers and client server networkign than can be answered in a post or two.

Get the book....

RK

Posted: Fri Dec 02, 2005 2:50 am
by ConfidentiaL
If I am behind a router, and my PC has a local IP adress, how can I then sniff at other computer on WAN?

Posted: Fri Dec 02, 2005 8:16 am
by Ramius
Sniffing with Cain requires ARP
ARP is an OSI Layer 2 Protocol
To get from a Lan to a Wan requires passage through a Layer 3 device
Therefore, Sniffing of the WAN from a LAN is not possible "With Cain".

Move your Workstation to the WAN and you will be able to sniff all the traffic on the segment that you are plugged into.

RK
Sorry to dissapoint.

Posted: Sat Dec 03, 2005 7:40 pm
by hackobacko
kronik85 wrote: whenever i logon to a computer, i can check the status under the sniffer tab under passwords (far right) and it always says my status is a "guest" even if i login with an administrative user/pw. it's like i'm logging in with a bogus name/pw (which i can also do and get guest access) and doens't even recognize that it's administrative.

the same here

any suggestions ?

another questions :

(1)

i can sniffing on my lan and see what sites another computer visits
but it seems am not able to crack the password for them ..it doesn't accept to be sent to cracker so how can i crack them .

(2)

i already done asniffing on voip calls , cain recorded averysmall part of call and it was the only one it succeeded to do it , other calls have problems to be recorded , cain saya " codec error " , so how to overcome this .

(3)

i tried to crack guest password and i sent it to cracker and craked it
but it says that it was successful and the password is :
then space .

what does it mean ?

Posted: Sun Dec 04, 2005 8:21 pm
by DVS3651
sweet thanks

Posted: Sun Dec 11, 2005 10:36 pm
by mtjl79
Good tut. Very helpful. Thanks!

Posted: Mon Dec 12, 2005 8:18 am
by Ramius
The password is blank,
Cain has only limited Codec support as indicated on the web site,
The filters for extracting passwords are predefined, you can add options for the filter in the application if you look for it.

RK

Posted: Sat Dec 17, 2005 8:44 pm
by ConfidentiaL
When I try to install Abel.exe on a comp on my network, I get this error message: Couldn't copy Abel.exe: Failed to retrieve error description :?

Also, if I click on any of the buttons to that comp for example services i get this error message: Couldn't open the service control manager: Failed to retrieve error description

How do I get "Abel control" on the comps then?

Posted: Sun Dec 18, 2005 11:09 am
by Ramius
"Failed to retrieve error description" sounds like a problem on your computer.

To use Abel, you will need to have administrative access to the workstation or server that you are trying to connect to. Cain does have the ability to help you get access to the admin credentials, but you will need to play with the application a bit to figure out all of its features.

Keep playing, it will become clear as you learn both networking as well as the application.

As stated before, an understanding of the information contained in the CompTia Network+ certification track will prove invaluable in your quest.

RK

Posted: Sun Dec 18, 2005 11:59 am
by ConfidentiaL
When I try to sniff for password, i get different password hashes every time.
Also, I cant crack any of them, when i start the cracker it just say 0 of 0 hashes cracked just after i started.

Could this be because it has SP2 nstalled?

Edit: ok, i managed to crack the hashes, but still i get that same error message when I try to connect as admin.....

Posted: Sun Dec 18, 2005 12:53 pm
by execc
please rezise your signature.