Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weaknesses present in protocol standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration testers and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no event shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.

The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.

 

 

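The normal transmission path:

[Figure: mitm1]

Network traffic that an attacker has subjected to a man-in-the-middle attack looks like the figure below:

[Figure: mitm2]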

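Cain & Abel is software released on the oxid.it website. The name refers to Cain and Abel, the sons of Adam and Eve in the Bible. The Bible story, however, obviously has little to do with what this software does…

According to the introduction on the website, Cain & Abel is password-stealing software designed for Microsoft operating systems (they describe it as password "recovery" software). How is Cain & Abel used? There is a very complete video tutorial on YouTube: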

http://tw.youtube.com/watch?v=xWUuZqB4kCc

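For reasons of space, this article does not go through the operating details of the software; the operating principle is the focus here. Cain & Abel takes advantage of a weakness in the ARP protocol: through a technique called "ARP Spoofing", it deceives specific computers and passes itself off as the man in the middle.

ARP's original purpose is to resolve the mapping between IP addresses and the hardware (MAC) addresses of network cards, and it is a protocol that network operation cannot do without.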
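
Because ARP replies are accepted without authentication, a defender can detect spoofing by watching which MAC address answers for each IP. The following is an added example, not from the original post or from Cain & Abel: it flags a changed IP-to-MAC binding and a single MAC claiming several IPs. The MAC addresses, the 192.168.111.50 host and the reply format are constructed; the other two IPs are the ones used in the walkthrough on this page.

```python
from collections import defaultdict

# Constructed ARP replies (seconds, sender IP, sender MAC) as a passive monitor logs them.
SAMPLE_REPLIES = [
    (0, "192.168.111.2", "00:50:56:aa:aa:02"),     # gateway, genuine
    (1, "192.168.111.131", "00:0c:29:bb:bb:83"),   # target workstation, genuine
    (2, "192.168.111.50", "00:0c:29:cc:cc:32"),    # a third host on the subnet
    (30, "192.168.111.2", "00:0c:29:cc:cc:32"),    # third host's MAC claims the gateway
    (30, "192.168.111.131", "00:0c:29:cc:cc:32"),  # ...and the workstation
    (31, "192.168.111.2", "00:50:56:aa:aa:02"),    # real gateway still answers
]


def detect_arp_spoofing(replies, pinned=None):
    """Return alerts as (time, kind, ip, mac) tuples.

    pinned is an optional {ip: mac} map of known-good bindings, such as the
    gateway; without it the first MAC seen for an IP is trusted, which fails
    if monitoring starts after the cache is already poisoned.
    """
    pinned = {ip: mac.lower() for ip, mac in (pinned or {}).items()}
    first_seen = {}                # ip -> first MAC observed
    ips_by_mac = defaultdict(set)  # mac -> IPs it has claimed
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        expected = pinned.get(ip) or first_seen.setdefault(ip, mac)
        if mac != expected:
            alerts.append((ts, "binding-changed", ip, mac))
        # One MAC answering for several IPs is the man-in-the-middle signature;
        # routers and multi-homed hosts do it legitimately, so treat it as a lead.
        if ip not in ips_by_mac[mac]:
            ips_by_mac[mac].add(ip)
            if len(ips_by_mac[mac]) > 1:
                alerts.append((ts, "mac-claims-multiple-ips", ip, mac))
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_REPLIES):
        print(alert)
```

Pinning the gateway's MAC (a static ARP entry on hosts, or Dynamic ARP Inspection on the switch) removes the reliance on the first reply seen.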

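Tutorial:

Let's start with how to use Cain to sniff passwords on port 3389 (Remote Desktop).

First, install Cain & Abel.

Partway through, the installer asks whether to install WinPcap; if it is already installed, you can skip this.

Once installation is complete, you can run the Cain & Abel main program.

Step 1: configure the network adapter to sniff on.

Step 2: choose what you want to sniff; you can of course sniff everything.

Here, port 3389 is selected under Filters and Ports.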

Step 3: find all the computers on the subnet.

Right-click in an empty area of the sniffer page, choose Scan Mac Address, then click OK.

When the scan finishes, a list of live IP/MAC addresses appears.

Step 4: configure APR.

Spoofing is set up between 192.168.111.131 (Target) and 192.168.111.2 (Gateway).

Click + to add a new entry.

Select 192.168.111.131 (Target) and 192.168.111.2 (Gateway), then click OK.

Click the radioactive icon to start sniffing.

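If someone uses .131 to log in remotely to another computer, the account and password used can be sniffed.

However, the account and password must be filled in before connecting; if they are entered after the remote connection is established, Cain & Abel will not capture them.

One RDP connection has been sniffed.

Open the log file and take a look.

At "Symmetric encryption phase reached …"

Found account: caintest, password: abc123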

 

download:

1) http://cain-abel.en.softonic.com/

2) http://www.softpedia.com/get/Security/Decrypting-Decoding/Cain-and-Abel.shtml

 

Sources

http://www.oxid.it/cain.html

http://mycck.blogspot.com/2008/04/cain-abel-sniffer-3389.html

http://mmdays.com/2008/11/10/mitm/
