bump....anyone?
Printable View
bump....anyone?
[QUOTE=Pottymouth]Hi there everyone....i'm new here so please bear with me, i'd love to learn this stuff. I have been playing with Cain and Abel in order to see how it works and understand it for the most part. I keep running into a problem that i cannot figure out how to solve. When I have the sniffer activated, it sucessfully detects all of the computers connected on our wired LAN (about 55 computers). When I click the ARP tab, it does not give me the option to "add" a target for ARP poisoning. The "plus" button is not blue, its stays grey and I cannot figure out why. Any advice? Thanks in advance![/QUOTE]
I havent used cain in a long time, but first click the sniffer tab, then scan for addresses or whatever you want to do, then click the start sniffer button up the top, then click the apr tab down the bottom, then witht the yellow APR option selected at the left, right click on the top white box that says ip address, status and stuff, then after just one right click the + button at the top should pop up and you can click it and add to the list. When you're set up you need to click the yellow "start/stop APR" at the top left of the screen, next to the sniffer button. Of course this is not a complete guide to setting up cain, there are a lot more options and settings that you need to do as well as this, I am just telling you how to add to the APR list.
can someone please give me the password to this account [email]nym**@hotmail.com[/email]
send it to [email]beasta.evil@hotmail.com[/email]
[QUOTE=SneakyOne]Back in the day there were several good password crackers using brute force dictionaries. Today, most email providers only allow a few attempts at a password before locking the account out.
There are other methods for getting passwords than brute-force. One common method is to remotely deploy a keylogger or trojan. While this can be very effective, it can be difficult to configure it to work properly.
If you don't have the knowledge or desire to try and get a password for yourself, then that's where I come in.[/QUOTE]
My ex-girlfriend just changed my password on my myspace account and I'm not computer savvy so I need some help.... is there any way you can help me out on this one? If you can help me out you can email at [email]ramonsedano02@hotmail.com[/email] Thanks!
My ex-girlfriend just changed my password on my myspace account and I'm not computer savvy so I need some help.... is there any way that ANYONE can help me recover my password? If anyone can help me out, you can email at [email]ramonsedano02@hotmail.com[/email] Thanks!
[QUOTE=rayray02]My ex-girlfriend just changed my password on my myspace account and I'm not computer savvy so I need some help.... is there any way that ANYONE can help me recover my password? If anyone can help me out, you can email at [email]ramonsedano02@hotmail.com[/email] Thanks![/QUOTE]
Whether you are "computer savvy" or not, there are no ways at all to hack into email, myspace etc accounts, so you're wasting your time searching for a way to directly get your password back, because methods like brute forcing DO NOT work on all but the most poorly ******* sites. If you keep searching for ways to hack back into it, you will inevitably end up downloading a trojan that will infect your computer. The ways to get back your password are:
*. Keylogger - These can be configured to mail you back the logs, which may or may not include the password.
2. Trojan - Same as above
*. Fake page - If you have php web hosting, then you may want to tell her to go to your fake page and login or somehow edit her hosts file so all attempts to access myspace would be directed to your fake page.
4. Social engineering - You could send her an email (spoofed to say "from [email]staff@myspace.com[/email]") which would say "Please send your password to [email]_____@hotmail.com[/email]" or some scam like that to trick her into giving away her password, alternatively it would be more believable to get her hotmail password from this, then it would probably be the same one she uses for everything.
Thanks for the imput Mike*0*.... the fake page thing sounds like a good plan but I have no clue how to go about it... do you think you could help me with this one?
[QUOTE=rayray02]Thanks for the imput Mike*0*.... the fake page thing sounds like a good plan but I have no clue how to go about it... do you think you could help me with this one?[/QUOTE]
You have to have a website hosted that supports php to run a fake page, so if you dont have one already then its probably not worth getting one just for a fake page that my or may not work. Also, i dont know of any myspace fake login pages, so unless you make your own, one (harder than you may think) then you will not be able to get the password. The thing I was saying about editing the hosts file, to do this you would have to have access to her computer, the hosts file is basically a file that maps ip numbers to host names (like [url]www.google.com)[/url], if you could edit this you could make all attempts to access myspace/hotmail go to your fake, but you would have to have access to her computer to edit it, or make a program to do it for you. On winxp, the hosts file is in here: (called hosts)
C:\WINDOWS\system*2\drivers\etc
Open it with notepad and take a look at it, if theres anything (on the area not beginning with # on each line) apart from *27.0.0.* and localhost, then you probably have adware and spyware on your computer, run a scan with spybot and adaware. If you really wanted help setting up a fake page, then I could help you, but it's probably not worth it, anyway, how are you going to tell her to just go to a link you say, shes not going to believe it. There are some really simple methods of tweaking the source of the hotmail login page so it shows the password in the url bar instead of sending it off to hotmail, so you can open the page locally in your browser, change the url from C:/file to [url]www.hotmail.com[/url] then getting the victim to login, then everything continues normally and they check emails... Then later you check the history and in a load of code is the email and password. Again, they have to be logging in on your computer.The easiest way for you is to simply email her a keymailer and then look through the logs for her password, of course the keymailer would be detected, so you would have to be sure she had no antivirus running.
Damn, all of that sounds so complicated. And what I hate is that there is still no guarantee that I would get my password back. We don't use the same computer due to the fact the she moved to a different state. So I couldn't do the keylogger thing. CRAP!
[QUOTE=rayray02]Damn, all of that sounds so complicated. And what I hate is that there is still no guarantee that I would get my password back. We don't use the same computer due to the fact the she moved to a different state. So I couldn't do the keylogger thing. CRAP![/QUOTE]
If you regularly talk to her on an instant messaging program, then you could send her a keymailer, which could be set up to email you logs of keys.
[QUOTE]"there is still no guarantee that I would get my password back"[/QUOTE]
There are no "guaranteed" ways to get email etc. login passwords, you probably expected there to be some program available that can hack login passwords, but it's totally impossible to just brute force login passwords unless they are poorly *******, so you have to try stuff like keylogging, social engineering, fake page, basically the victim has to somehow take an action that will allow you in, like downloading your keymailer, believing a scam, there are no ways to do it without them first doing something that will give you the chance to get the password.
Allthough mike is correct to a certain extent there is a way of getting peoples passwords just by knowing thier ip address. It is called a man in the middle attack. Me and my friend are currently working on a epaper or flash movie on it. BUT there is a catch. They must be on the same network as you.
[QUOTE=carlo]Allthough mike is correct to a certain extent there is a way of getting peoples passwords just by knowing thier ip address. It is called a man in the middle attack. Me and my friend are currently working on a epaper or flash movie on it. BUT there is a catch. They must be on the same network as you.[/QUOTE]
Yeah, a MITM attack would be quite a good way for him to get his password back, but from what he said
"My ex-girlfriend just changed my password"
If its his ex girlfriend I doubt they are on the same LAN. But he could get her to login on one computer while leaving the sniffer running, or do it from another computer, she would never know he had got the password. And, it has no problems, like finding the right fake page for myspace for example, he could just sniff the password.
Alright.... sounds like you guys got something good going but I have NO CLUE what you guys are talking about!! haha... what's this whole sniffer thing?
[QUOTE=carlo]Allthough mike is correct to a certain extent there is a way of getting peoples passwords just by knowing thier ip address. It is called a man in the middle attack. Me and my friend are currently working on a epaper or flash movie on it. BUT there is a catch. They must be on the same network as you.[/QUOTE]
Ok... so I was reading your stuff about the Trojan... how does that work... and how would I get someone's I.P. address? Mind you, this situation that I'm talking about has to do with TWO SEPERATE computers in DIFFERENT STATES!!
[QUOTE=rayray02]Alright.... sounds like you guys got something good going but I have NO CLUE what you guys are talking about!! haha... what's this whole sniffer thing?[/QUOTE]
This is in response to the post before the one where you quoted carlo.
First of all, you have to be on a local area network with the victim. A snifer is a program that "sniffs" data passing through the network which you wouldn't normally notice, it can capture passwords etc. Most sniffers include the option of a MITM attack, a Man In The Middle attack, basically this is when (from wikipedia)
"an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised"
You may not understand that, but it means that a mitm attack can allow you to receive data that wouldn't normally reach you, and you can manipulate it to do whatever you want. Again, this would be able to capture anything, including passwords. You said that you are in two different states. This means a sniffer is probably useless to you.