The Anatomy of a Hack – Hacking with Cain - By Ramius

Docs that have proven to be a staple in understanding computer/network security. This is not an inclusive forum and nothing ipublished will tell you how to 0wn someone, these docs will help you understand how you got 0wnd.
User avatar
SystemDownfall
Veteran
Posts: 600
Joined: Fri Feb 27, 2004 8:44 pm
Location: int(raw_input("Enter location here: "))
Contact:

Post by SystemDownfall » Mon Jan 24, 2005 6:08 pm

L0phtcrack is very similar to cain some say better some say worse
47.8 percent of all statistics are made up
---------------------------
http://www.blueoxidine.com
---------------------------
I heard there was a bonus underwater level in Windows. Supposedly its all blue with some white text.

btmonstor
Apprentice
Posts: 33
Joined: Fri Jan 21, 2005 2:57 am

Post by btmonstor » Tue Jan 25, 2005 4:07 am

Ok thanks, Ill give that a try.


This morning, Ive noticed that Cain has captured some IKE-PSK information, what exactly is this?

Its also grabbed a lot of telnet/ftp/http which is good, but no IMAP or M$ logins.

User avatar
SystemDownfall
Veteran
Posts: 600
Joined: Fri Feb 27, 2004 8:44 pm
Location: int(raw_input("Enter location here: "))
Contact:

Post by SystemDownfall » Tue Jan 25, 2005 10:26 pm

maybe they never log out. like me
47.8 percent of all statistics are made up
---------------------------
http://www.blueoxidine.com
---------------------------
I heard there was a bonus underwater level in Windows. Supposedly its all blue with some white text.

btmonstor
Apprentice
Posts: 33
Joined: Fri Jan 21, 2005 2:57 am

Post by btmonstor » Wed Jan 26, 2005 7:43 am

btmonstor wrote: This morning, Ive noticed that Cain has captured some IKE-PSK information, what exactly is this?
Is this easy to crack with sendto cracker? what is this traffic type?

Thanks

kronik85
n00b
Posts: 1
Joined: Thu Mar 24, 2005 11:11 am

Post by kronik85 » Thu Mar 24, 2005 11:43 am

i have the same problem. i'm on a university network and can't check what type of switches we're plugged into until later this night.

i can't get onto my roomates computer (not trying anything malicious, just to get this to work. he knows i'm doing it and i have his permission to tinker with his comp). we have the same default gate, same dns server, same dhcp server, same ip range (xx.x.x.167 and xx.x.x.122) where my primary .4 and secondary is .3 and his primary is .3 and secondary is .4. i dont think that this should cause this problem.

whenever i logon to a computer, i can check the status under the sniffer tab under passwords (far right) and it always says my status is a "guest" even if i login with an administrative user/pw. it's like i'm logging in with a bogus name/pw (which i can also do and get guest access) and doens't even recognize that it's administrative.

if i install abel manualy on his computer, then i can get to abel while still using guest rights. but that doesn't do me any good see as how i would need physical access to every computer i want to dump hashes for (honestly i just like breaking the pw's, i dont care about people's computer contents or being malicious. we started a project on encryption in one of my classes and that's why i'm interested.)

User avatar
jstoned
Strike 1
Posts: 137
Joined: Sat Mar 19, 2005 10:51 am

Post by jstoned » Wed May 25, 2005 4:47 am

once (long time ago, i had win95 on my first PC) cain save my life, cause wih it i managed to return my account, pwd to which i forgot (actually mistyped, how it turned out). I was trying to hack win accounts then. Was like 12 years old :P

ReVeR
Guru
Posts: 592
Joined: Mon May 24, 2004 7:54 pm

Post by ReVeR » Wed May 25, 2005 6:21 pm

hey, this is of topic abit, but i am, looking and i see Chapter 2 there,....where is the first cahpter and the rest?
Thx

User avatar
pozican
Oh lawd is dat sum chikinz
Posts: 1617
Joined: Tue May 18, 2004 1:29 pm
Location: #hackerthreads

Post by pozican » Fri Jun 17, 2005 12:35 am

Cain seems to have trouble with SP2 -- any suggustions?
Get some exercise -- Support bad porn
Life for President, Ramius for vice, GhostHawk for Secretary of Beer
i <3 2 sqrt(u)

ECP_alex
n00b
Posts: 3
Joined: Mon Jun 20, 2005 6:53 pm
Contact:

Post by ECP_alex » Thu Jun 23, 2005 2:51 pm

uh, i no im dumb but, when your configuring, i think im doing the wrong thing, you're sposed to use your IP and MAC, right? or is it suppose dto be the person you're trying to hacks info?

User avatar
UniX
Veteran
Posts: 600
Joined: Thu Jun 26, 2003 1:17 pm
Location: input("Why are you looking here?")

Post by UniX » Thu Jun 23, 2005 5:34 pm

Pozican, you running 2.7.3? The new version works great with SP2. Your having problems with the raw sockets?
"UNIX is an operating system, OS/2 is half an operating system, Windows is a shell, and DOS is a boot partition virus." — Peter H. Coffin .

http://cybergotham.net

doit
n00b
Posts: 6
Joined: Thu Aug 11, 2005 11:56 pm
Location: ohio

Post by doit » Fri Aug 12, 2005 12:06 am

awesome job ramius. Looks real good, awesome job writing all that out.
(0-o)
(--)
^^
give me free programs!
http://www.unknownabyss.com

User avatar
:razta:
n00b
Posts: 20
Joined: Sun Aug 14, 2005 9:15 am
Location: Long: 85e19 - Lat: 27n43

Post by :razta: » Sun Aug 21, 2005 10:29 am

Just a question on cain & able.

When I install cain & abel onto a network, I disable the antivirus first.

The crappy antivirus automatically starts up again after a few mins and detects and quarentines abel's dll file.

Just wondering if the sniffer requires abel to work or can you just use cain? Probably a stupid question.

User avatar
netphreak
Owns you
Posts: 1300
Joined: Wed Sep 24, 2003 8:31 pm
Location: Everywhere and nowhere... all at once
Contact:

Post by netphreak » Sun Aug 21, 2005 11:41 am

it shouldn't see it as a threat, so try installing it without disabling the AV first. The startup could be the only thing that catches it.
Look at the stars, but shoot for the ceiling; it's closer...
When looking for a needle in a haystack, don't start in the middle of a wheat field.

User avatar
:razta:
n00b
Posts: 20
Joined: Sun Aug 14, 2005 9:15 am
Location: Long: 85e19 - Lat: 27n43

Post by :razta: » Sun Aug 21, 2005 12:50 pm

Still same! :(

The antivirus is McAfee 8.0 virus scan enterprise.

I think that the antivirus gets reenabled by the server, cant seem to find a disable button for long term.

Could uninstall it then reinstall it when ive finished sniffing but the time it would take to do so would probably get me caught. :?

Ill have a read though the McAfee readme files.

:idea: Could disconnect the network cable, disable the antivirus, download cain and abel, install it then plug network cable back in.

Gotmilk
n00b
Posts: 3
Joined: Mon Sep 26, 2005 12:07 pm

Post by Gotmilk » Mon Sep 26, 2005 1:45 pm

ok now i did all like in tutorial. But when i start to install Abel he installs 50 percent and then gives me an error sayin Coulnd copy abel.exe. The network path was not found.

Then i click ok and another message pops up saying could not open service control manager: Access is denied. Could someone explain to me what this means.

And sometime i try to get usernames message comes saying that could not get someking SID.

What this SID means. I would appreceate the help :)

User avatar
Tenchuu
Reborn
Posts: 1160
Joined: Tue Mar 16, 2004 3:27 pm
Location: Society of Blazing Inferno
Contact:

Post by Tenchuu » Mon Sep 26, 2005 1:55 pm

Installation: Sounds like you aren't logged on as an Administrator. Change that

For the SID error: Get the whole error message and google for it
Keep your friends close, keep your keyboard closer

Gotmilk
n00b
Posts: 3
Joined: Mon Sep 26, 2005 12:07 pm

Post by Gotmilk » Mon Sep 26, 2005 2:28 pm

well i manged to log in as administrator. I typed administrator and left password blank. And then i was in as compter administrator. but i still have the same error.

And i googled "Users enumeration error: Access is denied"
"Could not lookuo Domain SID" Still no help

User avatar
Tenchuu
Reborn
Posts: 1160
Joined: Tue Mar 16, 2004 3:27 pm
Location: Society of Blazing Inferno
Contact:

Post by Tenchuu » Tue Sep 27, 2005 2:35 am

The errors are a bit weird and still smell after User-Problem

Where did you log in as Administrator?!? You sound a bit unskilled

Try to install Cain to "My Files" that could work. I think you are trying to install Cain to a folder where you don't have access to
Keep your friends close, keep your keyboard closer

Gotmilk
n00b
Posts: 3
Joined: Mon Sep 26, 2005 12:07 pm

Post by Gotmilk » Tue Sep 27, 2005 8:59 am

i have acces in everywhere in my computer.
I opened program right clicked on computer and login as administrator and left password blank. it was my roommates computer where i logged into. From the menu it showed me as and administrator. I made exactly like on tutorial. But after that i have problems.

i try what u suggested but i dont think it help very much.

PS thanks anyway

User avatar
theredplanet
n00b
Posts: 19
Joined: Mon Sep 27, 2004 4:40 am

Post by theredplanet » Mon Oct 24, 2005 10:56 am

I know someone said this works just as well accross the WAN as it does on the LAN and they said you just manually add the I.P into the network section. Surely though you need some kind of access to the computer you are trying to get to, i mean like other than just being able to ping it, if I add an I.P of one of my friends PCs for example I just get network path was not found. I can ping the I.P im adding obviously, are there specific ports that need to be open for this? im probably missing something stupidly obvioius (as im sure uve guessed i am new to this and sory if its a daft quesiton) but has anyone got any suggestions or a quick tut on how to use this over the internet.

Post Reply