PDA

View Full Version : Mitm?



Convcit#4616
04-19-2006, 06:20 AM
Ive been haunting your forums for a few days trying to get information on the MITM attack (man in the middle?)

I understand from previous posts that I might be able to intercept the logins and passwords of folks on the same network as I am. I work for a large hotel and have access to 6 compys throughout the night.

It appears that I require Cain and Abel's sniffing ability, is this correct? I can get on the secure network and the public WIFI here.

THe real reason im here is to learn as much as possible about password hacking crappy sites that piss me off.

I hope I dont come off too "noobish" to you folks, I tried to be respectful and search it all out before I posted.

If anyone is interested in helping a fella with the details, Im a quick study
I have a website called www.AngryMonkeyLove.com that i did all myself and I knew nothing about html or web design 2 months ago. Hopefully this helps to convince you im not a total moron



On a side note----

Ive not been around long but all you people saying you want to pull a prank on your "friend" or recover your own "lost" password trip my bullshit detector every time.

Ezekiel
04-19-2006, 11:32 AM
Ive been haunting your forums for a few days trying to get information on the MITM attack (man in the middle?)

I understand from previous posts that I might be able to intercept the logins and passwords of folks on the same network as I am. I work for a large hotel and have access to 6 compys throughout the night.

It appears that I require Cain and Abel's sniffing ability, is this correct? I can get on the secure network and the public WIFI here.

THe real reason im here is to learn as much as possible about password hacking crappy sites that piss me off.

I hope I dont come off too "noobish" to you folks, I tried to be respectful and search it all out before I posted.

If anyone is interested in helping a fella with the details, Im a quick study
I have a website called www.AngryMonkeyLove.com that i did all myself and I knew nothing about html or web design 2 months ago. Hopefully this helps to convince you im not a total moron



On a side note----

Ive not been around long but all you people saying you want to pull a prank on your "friend" or recover your own "lost" password trip my bullshit detector every time.

Finally someone who actually searched before posting! Because of this, I will answer your question. Yes, MITM stands for Man In The Middle (attack). There are many idiots posting here asking for impossible ways to directly hack accounts, but this way is realistic and possible, as long as you are on their LAN. MITM attacks involve the reading and modifying of data passing through your LAN. Some weaknesses in the way traffic is handled in a LAN allow any computer to read data going to any other computer, with arp spoofing, etc. All you need to read passwords and other information passing through the network is a computer connected directly to the LAN, and some software to do the sniffing for you, like cain. Then when connected and set up correctly, cain will be able to read every plaintext password travelling across the LAN. Because it can read any data passing through the network, cain has a useful feature that can record all VOIP communications into .wav files for you to listen to, it has a filter to reconstruct the audio into a file again or something. I can give more specific instructions if you want me to, but cain is very easy to use. Just don't run abel.

Convcit#4616
04-20-2006, 06:34 AM
Thank you for the reply, now that it is confirmed that I can accomplish this with the indicated program, I will attempt to install, configure and run it. Ill let you guys know if my efforts net me any results.


Thanks for not being a dick, I imagine noobs get tiresome after a while.

carlo
04-20-2006, 11:20 AM
Lol just thought id add that if they for some reason fire you, get them back by hacking their wireless router and changing the wep key lol. Just thought youd like to know. If you want to know how do this contact me since i can see you not a n00b and you searched.

carlo