Welcome back ! Feel free to look around. If you like what you read, mention us in your post or link to this site. Hope to see you again
Showing posts with label Wireless Hacking. Show all posts
Showing posts with label Wireless Hacking. Show all posts

Thursday, 10 November 2011

What Is Sniffing..??

Follow Hackers Spot


Packet Sniffers/Network Packet Sniffers

Packet sniffer, network packet sniffer or simply sniffers are programs or devices that can monitor data traveling over a network. They usually work by capturing packets from Data Link Layer(read OSI model for more information) and hence called as packet sniffers. They can be used for legitimate as well as illegitimate activities. Legitimate activities include network traffic monitoring and administration where as illegitimate activities may include stealing passwords,
email text as well as files that are in transfer. They are available for all well known platforms like Windows, UNIX, Linux etc.
On the basis of on which type of network sniffing is done sniffing is classified as follows,
  • Passive Sniffing
  • Active Sniffing
Passive Sniffing:
In passive sniffing a sniffers gathers packets from data link layer. At practical level it can grab all packets in LAN network. This is because a network with hub implements a broadcast medium shared by all systems on the LAN. Any data sent over LAN is actually sent to each and every machine connected to LAN. Majority of sniffer tools are ideally suited to sniff data in a hub environment. These tools are know as passive sniffers because they passively wait for data to be sent for capturing.

Active Sniffing:
A countermeasure against sniffing is to replace the network hub with a switch. Unlike a hub-based network, switched Ethernet does not broadcast all information to all systems on the LAN. So passive sniffer will not be able to sniff data on switched network. For sniffing around a switched network an attacker actively injects traffic into LAN to enable sniffing of the traffic. This is known as Active Sniffing. ARP spoofing, MAC Flooding, MAC duplicating are all methods of active sniffing.
Protocol Vulnerable To Sniffing:
HTTP, SMTP, NNTP, POP, FTP, IMAP, Telnet, Rlogin practically every protocol that does not uses encryption
Posted by Anonymous at 02:55 1 comments
Labels:
Follow Hackers Spot

                                                           ARP Poisoning                                     

ARP poisoning is also known as ARP Spoofing, ARP Flooding and ARP Poisoning Routing. So what basically is ARP poisoning ? It is technique which allows an attacker sniffs traffic from Local Area Network (LAN), monitors it and even stop it. ARP poisoning is done by sending fake or spoofed messages to an Ethernet LAN card. By doing so an attacker manages to associate its MAC address with IP address of another node on network
(which is basically default gateway IP). Then the traffic meant for gateway first goes to attacker and then to gateway thus allowing attacker to sniff traffic from network. To launch APR poisoning attack the attacker's system must be connected in LAN if wired else it should be at least in range of wireless network. This is just a tutorial on ARP poisoning so we will discus its anatomy someday later.

For this tutorial you will need Cain And Abel, its a Windows based sniffing plus password breaking tool. And at least two computers connected in LAN. Next you'll need a SSL strip if you are protected by SSL or if you want to sniff for HTTPS sites. As a suggestion I would recommend using Ettercap on Linux for this kinda attack since finding SSL strip for windows is little tough.

So first of all download and install Cain And Abel. Before you start sniffing you have to configure your LAN card to sniff, so click on configure button and select your active LAN card for sniffing.
Now click on sniffer tab (1), then click on sniff button (2), and lastly click on add button (3). After pressing add button it will ask you to select range to scan, let things be default and press okay.
After scanning it will show you list of devices connected in network. You can right click on them to resolve their host names.
To poison them click on small radioactive button on right most side at bottom. Click add button again and select hosts you want to poison, its always better to select router if present since it is able to tackle traffics from several computers connected in network. Now to poison hosts press on radioactive button on toolbar.
Now click on password tab from present at bottom and anyone who will be using internet that time will reveal its password to Cain And Abel.

As an ARP poisoning tutorial we covered our active sniffing here. But anyhow I 'll not advise you to use windows based tools since finding plug-ins and add-on for them is difficult. If you are regular reader of my blog then I want to ask you to switch to Linux and get started on programming. If you haven't yet switched to Linux then I think its right time switch now. Till next time have a nice time and keep visiting.
Posted by Anonymous at 02:47 1 comments
Labels:

Scanning With Wireless Network..`

Follow Hackers Spot
                                Packet Sniffing
I will be using the program Wireshark do demonstrate packet sniffing. Packet sniffing is the act of capturing packets going through a network. With a packet sniffer, once a hacker gains access to wireless network he could intercept private information going through a network such as: usernames, passwords, IM conversations, and e-mails. Let’s show you an example.
1. Download and install Wireshark .

2. Launch it and click on the option to list the available capture interfaces as shown below.

3. Next choose the target to begin to capture their packets and click on start.

4. If you don’t know which one to choose, wait a little bit and the one that accumulates the most packets is your best choice. Many captured packets shows that the user is currently active.
5. Now to show you an example of how Wireshark can be used I will start up Windows Live and send a message. As you will see in the image below, my whole conversation will be captured. To filter out all the useless data and to only display the Windows Live related packets type in “msnms” in the filter bar.


6. As you can see, my message is displayed at the bottom. If I continue down the list I can see the whole conversation. Usernames and passwords are captured the same way, and if they aren’t encrypted, you can see them in plain text.

Some other useful sniffing programs to learn:
• WinDump
• Snort
• Dsniff

IN My Next Post I Have Posted A Way To Hack Facebook Account Using "WireShark"(Packet Sniffing)
or   (Cookie Stealing)    See The Post


YI
Posted by Anonymous at 02:09 1 comments
Labels:
Subscribe to: Posts (Atom)