ARP cache poisoning with Cain & Abel

1) Start Cain

2) Click the blue + icon on the upper left, then note the username (ID),
password and URL of the resource it was saved for on the Protected Storage tab.

3) To save information from any of the Protected Storage sites:
a. Click on one of the resources
b. Right click and select Export
c. Key in name such as resc1.txt
d. Now, open file using notepad or similar text editor

4) To delete an entry, left click on the item, then select either Remove or
Remove All.

To find Windows login IDs and passwords on a local machine:

• Create three users on your local machine. Make the accounts as follows:
user1 with password of password, user2 with password of 1password1,
and user3 with password of 123xyz321.
Now proceed to #1 below.

With the different passwords selected, you will be able to examine how
password difficulty affects auditing and cracking techniques.

1) Click on Cracker tab

2) Click on LM & NTLM Hashes

3) Click on the + sign icon on the toolbar, then Dump NT Hashes from Local
machine. Note: if you have a SAM file from an NT/Win2k/XP machine you can
also use the import option to import from that. See the bottom of the lab, on
remote installation of Abel, to see how you might gain access to a SAM file
from a remote PC.

4) Click Next

5) On the Guest ID, right click and select dictionary attack NTLM. Select Add,
then browse to where Cain is installed (possibly in c:\program\files\cain),
then select the wordlists folder and wordlist.txt. Then click Start.

6) Note options such as As is Password, etc. Also note that you could use a
Brute force attack if you had no luck on a dictionary word from a list file.
However, this would take much longer.

Using APR – ARP Poison Routing.
Theory -- On an Ethernet/IP network, when host A wants to send a packet to
host B, it must know both the MAC (physical) address and the IP address of
host B. The IP address identifies the destination at the network layer, but
the physical MAC is required for construction of the Ethernet frame. Review
the OSI model if you are unclear on these concepts. In short, we have to have
both.
Once a host knows the MACs of the machines on the network, it keeps them
stored in an ARP cache table. However, before it can “know”, it has to query
the network to find out the addresses. A host does this by sending out an ARP
request to the broadcast address FFFFFFFFFFFF. Only the station with the
specified IP will reply, in unicast, with an ARP reply packet carrying its MAC
to the requesting station. Now host A has an updated table entry for host B
and it will communicate in unicast directly with it by using the MAC of B in
the Ethernet frame. ARP request and reply packets are only sent if the host
doesn't know the destination machine's MAC. Again, once it is learned, the
cache is used. This is a key point in why APR works.

How APR works – ARP Poison Routing uses the stored cache as a way to re-route
packets from a target to an intermediary machine, which then forwards them to
the host. The middle machine thus “sees” all traffic between target and host,
even on a switched LAN. First the target MAC address must be established,
then the APR feature “poisons” the cache of the target by forcing a cache
update with the path re-routed so that the middle machine forwards traffic to
and from host and target. The middle machine can now examine packets with a
sniffer such as Ethereal, Nmap, or others.
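
The cache behaviour described above is also what a defender can watch for. As
an added example (not part of the original lab or of Cain), this Python code
parses ARP frames and flags replies that answer no request and IP addresses
whose MAC binding changes; all addresses and frames are constructed sample data.

```python
import struct

def parse_arp(frame: bytes):
    """Return ARP fields from an Ethernet II frame, or None if it is not IPv4-over-Ethernet ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":      # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    dotted = lambda b: ".".join(str(x) for x in b)
    return {"oper": oper,                                    # 1 = request, 2 = reply
            "sender_mac": frame[22:28].hex(":"), "sender_ip": dotted(frame[28:32]),
            "target_ip": dotted(frame[38:42])}

def detect_poisoning(frames):
    """Flag replies nobody asked for and IP addresses whose MAC binding changes."""
    bindings, pending, alerts = {}, set(), []
    for n, frame in enumerate(frames):
        arp = parse_arp(frame)
        if arp is None:
            continue
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        if arp["oper"] == 1:
            pending.add((ip, arp["target_ip"]))              # (asker, asked-about)
        elif (arp["target_ip"], ip) in pending:
            pending.discard((arp["target_ip"], ip))          # answer to a real request
        else:
            alerts.append((n, ip, "unsolicited reply"))
        known = bindings.setdefault(ip, mac)                 # first MAC seen for this IP
        if known != mac:
            alerts.append((n, ip, f"binding changed {known} -> {mac}"))
    return alerts

def build_arp(oper, sha, spa, tha, tpa, dst):
    """Assemble a 42-byte test frame in memory (constructed sample data, never sent)."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(x) for x in s.split("."))
    return (mac(dst) + mac(sha) + b"\x08\x06" + struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)
            + mac(sha) + ip(spa) + mac(tha) + ip(tpa))

# Constructed addresses: host A, host B, and a third machine M on the same LAN.
A, B, M = "00:aa:bb:cc:dd:01", "00:11:22:33:44:55", "00:de:ad:be:ef:02"
BCAST, ZERO = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
SAMPLE = [
    build_arp(1, A, "192.168.1.10", ZERO, "192.168.1.1", BCAST),   # A asks for B's MAC
    build_arp(2, B, "192.168.1.1", A, "192.168.1.10", A),          # B answers in unicast
    build_arp(2, M, "192.168.1.1", A, "192.168.1.10", A),          # M claims B's IP
]
ALERTS = detect_poisoning(SAMPLE)  # two alerts, both raised on frame 2
```

Legitimate gratuitous ARP (for example after a failover or a NIC replacement)
also raises these alerts, so treat them as events to investigate.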

Instructions to use APR:
** Before you try this, you must make sure that WinPcap is properly bound to
your NIC. Select Configure and make sure you see your adapter(s) listed.

At the main screen, select Configure, then click your network adapter, then
Apply and OK.

1) Click to enable both Sniffer and APR (Left of the + ).

2) Click on +, then Range. Range for your network (based on adapter you
chose) is displayed. Click OK to start scanning.

3) After 100% you will see the IP address, MAC, and OUI fingerprint of devices
in range.

4) Now click on the APR icon to enable it.

5) Click on + and select IP address to poison, then OK.

6) Now you should see it change from Idle to Poisoning.

7) IP connections should appear from the target and the spoofing computer
(your computer).

8) So, what we have now, looking at Figure C3, is the target IP on the left and
where it was going on the right, all of this passing harmlessly through the
middle PC.

9) For better analysis of this traffic, and perhaps of text strings that have
been sent from the target (e.g. they connected to Google, but what did
they search for?), we will run a sniffer on the middle computer.

10) Start Ethereal, select Capture, then select the same interface adapter you
selected in Cain. Then select OK. You are trying to capture the packets
being forwarded to and from your machine via ARP session.

11) Stop the capture after connecting to Google and searching for items such as
“vacation villas” or “cheap air fare”. Your machine is now analyzing the
traffic from a target, as all of its traffic is rerouted through yours. Note
that in Figure C4 we see all traffic listed in the top window of Ethereal
(check that we see our connection to Google).

12) Click the Protocol field to organize the list, then scroll down to HTTP and
look for GET /search? Here we see in Figure C5 that the user was
searching on vacation villas (vacation+villa).

13) When finished, select Tools, Disconnect, Disconnect All.

What is Abel?
How can I install it?
Abel is an NT service composed of two files: "Abel.exe" and "Abel.dll". These
files are copied by the installation package into the program's directory, but
the service IS NOT automatically installed. Abel can be installed locally or
remotely (using Cain); either way, you need Administrator privileges to do that.

LOCAL INSTALLATION:
1) Copy the files Abel.exe and Abel.dll into the %WINNT% directory (e.g.
C:\WINNT)

2) Launch Abel.exe to install the service (not automatically started)

3) Start the service using the Service Manager

REMOTE INSTALLATION (most reliable on wired network):
1) Use the "Network TAB" in Cain and choose the remote computer where Abel
will be installed

2) Right click on the computer icon in the tree and select "Connect As"

4) Provide Administrator credentials for the remote machine.

5) Once connected right click on the "Services" icon and select "Install Abel"

6) The two files "Abel.exe" and "Abel.dll" will be copied onto the remote
machine, and the service will be installed and started automatically.

7) Once installed on the remote computer, note that among other things, you
can bring up a console prompt on the remote machine, examine password
hashes, etc.
