The Anatomy of a Hack – Hacking with Cain - By Ramius

Docs that have proven to be a staple in understanding computer/network security. This is not an inclusive forum and nothing ipublished will tell you how to 0wn someone, these docs will help you understand how you got 0wnd.
User avatar
ConfidentiaL
n00b
Posts: 11
Joined: Tue Nov 29, 2005 11:36 am

Post by ConfidentiaL » Sun Dec 18, 2005 3:14 pm

Image

plzz
no thats confidential.....

User avatar
GhostHawk
Ex-Mod
Posts: 1447
Joined: Wed Jul 30, 2003 12:10 am
Contact:

Post by GhostHawk » Sun Dec 18, 2005 4:27 pm

Might wanna actually READ through there before anyone is going to help you.
Opinions are like ass holes, everyone has one. It is also my opinion, that I am an ass hole.

User avatar
ConfidentiaL
n00b
Posts: 11
Joined: Tue Nov 29, 2005 11:36 am

Post by ConfidentiaL » Mon Dec 19, 2005 9:58 am

So, is there any1 who can help me with my problem?
no thats confidential.....

User avatar
BattousaiX
Your Senior
Posts: 933
Joined: Wed Jun 23, 2004 9:19 am

Post by BattousaiX » Tue Dec 20, 2005 5:38 am

I would suggest checking any error logs, or system logs that would give you the exact error, and try to google for the solution. If you cannot find logs, google this error that you're receiving. But try to get further details, as details lead to the solution.
Living tomorrow as another day of the past

User avatar
Ramius
The Evil Clown
Posts: 1714
Joined: Fri Mar 26, 2004 8:47 pm
Contact:

Post by Ramius » Thu Dec 22, 2005 12:41 am

Is your target either XP or 2003 with the firewall enabled?

Think about it, if the request is denied, then the reason will also be denied if the target is firewalled. Try it again after disabling the FW. See if the error persists.

In either case, it is imperative that you learn abit more about client server networking and not just DL a tool and have at hacking. You will have little real success outside that of being a script kiddie until you have a better grasp of networking concepts.

RK
RIF - Reading is Fundamental
Hacking is a process, not a product
Http://www.rainbowtables.net

User avatar
ConfidentiaL
n00b
Posts: 11
Joined: Tue Nov 29, 2005 11:36 am

Post by ConfidentiaL » Thu Dec 22, 2005 8:45 am

Its XP pro with SP2
firewall = off
I own the box
no thats confidential.....

littlefly375
Banned
Posts: 1
Joined: Mon Dec 26, 2005 6:47 pm

?

Post by littlefly375 » Tue Dec 27, 2005 12:13 am

I was wondering if someone could make a video tutorial of getting somones user name and password for me and for everyone using Cain.
I read the tut. over and over and it is just to hard for me, I dont understand where most stuff is and how to find IP's and much more, it would be so great if someone could do this for me. It would also be good for all others out there that have a million questions like me. If not, could you make one for beginners going threw each step like finding IP's and so on and so on. I you could it would be great. thank you and hope you post soon.

User avatar
Ramius
The Evil Clown
Posts: 1714
Joined: Fri Mar 26, 2004 8:47 pm
Contact:

Post by Ramius » Tue Dec 27, 2005 12:35 am

Will be in the book - The Anatomy of a Hack-
Look fo it on book shelves in August 2006!

RK
Last edited by Ramius on Thu Dec 29, 2005 11:45 am, edited 1 time in total.
RIF - Reading is Fundamental
Hacking is a process, not a product
Http://www.rainbowtables.net

User avatar
cyber_warrior2
Sargeant at Arms
Posts: 296
Joined: Sat Jun 12, 2004 1:48 pm
Location: India

Post by cyber_warrior2 » Tue Dec 27, 2005 9:39 am

lol, thanks for the help. Well if anyone knows of an east tutorial for beginners that goes threw every step easly it would help me out alot. Or even better, a picture tutorial of Cain. But that is really what i am needing if a tutorial is to much.
If anyone knows where thers is one, could you please post the link, it would be so great.
Thank you so much. I just dont think anyone is going to make a video tutorial for me but if someone could bind a picture tutorial of Cain hacking a user name and password, that would be awesome for me and others that need help to use.
post soon and hope you all have a good merry chirstmas.

If you cant understand and follow this tutorial then in my personal opinion you dont deserve to be in this field. Its not that everything which is documented in the tut will be exactly the same way in your case as well. Th circumstances and situation will be diff on diff networks and machine. And you have to use your common sense to figure out whats going wrong. And belive me nobody is going to spoon feed you here. I knw this coz once when i joined ht0rg i was in ur shoe and cant even figure out a simple syntax for Netcat. Although it took me 20 days to get that but at least i did it on my own. And as Ramius always says-"Reading is Fundamental". So try to look for little pieces of information on diff tuts and documents as well.
COMMON SENSE IS AN INSTINCT, ENOUGH OF IT IS A GENIUS

telcontar
31337 Martial Artist
Posts: 1898
Joined: Sat Feb 21, 2004 8:38 am
Location: /etc/login.defs
Contact:

Post by telcontar » Thu Dec 29, 2005 10:24 am

Ramius wrote:Going once,
Goning Twice,
Gone for filling up inboxes with stupid posts.

LittleFly375 is a gonner!

RK - This post is soon to be locked and places in the Dead Threads pool....

RK
Don't, just delete the crap and useless replies, including this one :)
Fate favours the well prepared ...

Code: Select all

(A + 3, N - 1, X)

atticusfinch
n00b
Posts: 27
Joined: Tue Aug 01, 2006 9:42 pm

Post by atticusfinch » Sun Aug 27, 2006 4:19 pm

Hi I just read your tutorial and I have a couple of problems.

First when I click on a computer to enumerate users is says Users Enumerations Error: Access Denied. After that it still lets me scan for SSIDs.

Then when I right click and connect as on the computer it basically lets me type in anything as the username and password and then it will say for example im connected as "mycomputer name\usernameItypedin". If during the while entering the credentials I type in for example "targetcomputer\Adminstator" then it will say im connected as that.

After Im connected (or at least typed in some kind of credentials) I try to install Abel but once again it says access denied.

All the computers are running on windows xp and are all in the same workgroup.

I would apreciate the help

User avatar
Ramius
The Evil Clown
Posts: 1714
Joined: Fri Mar 26, 2004 8:47 pm
Contact:

Post by Ramius » Sun Aug 27, 2006 4:32 pm

Cain is just a tool. You still have to hack. The applicatoin will not make a vulnerability, only allow you to find the bad habits of administrators. To install Abel.exe, will will need admin rights on the target machine. there is no way to get around that. If you are able to di a sid enumeratoin and get a list of all of the user accounts, then you might be able from there to get some additional information that would be useful. that is about all that I can tell you without access to your environment.

Remeber, Cain is not a "Hacking Tool." Cain is a legit network management and auditing tool, that has many uses in the hacking realm. No different than NMAP, SolarWinds, or ArcServ realy speaking... But I have used ArcServ to break into a network, so the beauty of the application is in the eyes of the beholder, and the skill of the beholder.

KR
RIF - Reading is Fundamental
Hacking is a process, not a product
Http://www.rainbowtables.net

atticusfinch
n00b
Posts: 27
Joined: Tue Aug 01, 2006 9:42 pm

Post by atticusfinch » Sun Aug 27, 2006 4:38 pm

Ive been trying this out on my home computers and so even when I connect as and administator it still says access denied when trying to install abel or even enumerating users

User avatar
Ramius
The Evil Clown
Posts: 1714
Joined: Fri Mar 26, 2004 8:47 pm
Contact:

Post by Ramius » Sun Aug 27, 2006 5:01 pm

hint: workstation_name\administrator then password.

For example, if my workstation name is Ramius and my admin account is ubuntu and my password was nimda, I would log in as follows:

Username: Ramius\Ubuntu
Password: nimda

but prior to this really helping you, you will need to understand the process of connecting with SMB.

KR
RIF - Reading is Fundamental
Hacking is a process, not a product
Http://www.rainbowtables.net

atticusfinch
n00b
Posts: 27
Joined: Tue Aug 01, 2006 9:42 pm

Post by atticusfinch » Sun Aug 27, 2006 6:46 pm

Thanks so like if I wanted to sign on to like another computer on my network that was named Bob I would enter the username as BOB\Administrator

I still get access denied, not sure if its just some problem with firewalls

User avatar
Ramius
The Evil Clown
Posts: 1714
Joined: Fri Mar 26, 2004 8:47 pm
Contact:

Post by Ramius » Sun Aug 27, 2006 8:57 pm

you have it correct. But you still have to have admin rights.

So if you log in as Bob\administrator, then the Administrator account on "bob" must meet the following parameters:

1. Administrator must hae admin Privs
2. the password for Administrator must be correct.

after that, you are all set.

RK
RIF - Reading is Fundamental
Hacking is a process, not a product
Http://www.rainbowtables.net

atticusfinch
n00b
Posts: 27
Joined: Tue Aug 01, 2006 9:42 pm

Post by atticusfinch » Mon Aug 28, 2006 12:20 am

I really appreciate your help and I feel bad keep coming back with this, but Im still having a little bit of problems.

I sign on to another computer on my network with "thecomputername\Administrator" and I know that the username has a blank password. After I sign on cain shows me that I am signed on with the line saying "targecomp\administrator". But once again when I try to access the services it says acccess denied. You mentioned how the adminstator may not even have priveleges but I don't think that is the case in our own network

Joeblow5150
n00b
Posts: 1
Joined: Wed Nov 08, 2006 9:46 pm

Great Tutorial

Post by Joeblow5150 » Wed Nov 08, 2006 9:51 pm

"Referring back to chapter two" and "Now would be a good time to copy the rainbow tables and password lists from the CD’s found in the back of the book"

Where can I find the other chapters and where can I get the book

User avatar
Artificial_Intelligence
n00b
Posts: 2
Joined: Tue Nov 14, 2006 9:47 pm
Contact:

Post by Artificial_Intelligence » Wed Nov 15, 2006 11:22 pm

Well looks like I wont be reading any of The Da Vinci Code tonight. Great tutorial, and uhh, definitely worthy reading.
"Artificial Intelligence usually beats natural stupidity."

blunt
n00b
Posts: 1
Joined: Fri Nov 17, 2006 11:12 am

Post by blunt » Fri Nov 17, 2006 11:15 am

Hi Ppl
I'm a computer systems and network student trying to use cain and abel i can connect to machines on my LAN and view Groups Shares and Users but cannot connect to services - error this mean si cannt remotely install abel any ideas please help ???

Post Reply