Blog

Sniffing Password in Same LAN Using “Cain & Abel” Software

Hello guys today i am going to tell you about how to hack victim password  if he is connected on same network.

Here I will show you that how simple HTTP and FTP passwords can be sniffed across LAN network. Just follow the steps and you are done.

First install the tool Cain And Able form

Just follow the steps:

Step 1:
Please turn off the windows firewall or any other third party firewall so that all the packets are captured efficiently.

Step 2:
Open Cain and Abel tool

1

Step 3:
Goto -> Sniffer Tab and click Configure in the main menu to configure your packet listening adapter.

2

Step 4:
Select the appropriate network adapter for your network that you want to sniff the packets for plain-text passwords. And Click Ok.

3.png

Step 5:
Click the Green Adapter icon as shown below. This means that you just configured the adapter and now you are turning it ON.

4

Step 6:
Now select the APR tab below as shown and now first click on the right side upper pane area. When you click that area the blue plus (“+”) icon will get enabled. Press that blue plus (“+”) icon.

5

Step 7:
This is very interesting step. Now we need to select the router`s IP address and click ok. This means that we want to listen to every packet that is sent to router. If we select any other IP address in our LAN network then we can listen to only that particular HOST on the network. Since the router responds to all the request of HOSTS connected in a LAN. Thus we can listen to all the HOSTs.

6

Step 8:
Now click the Yellow Circle icon as shown. This means that we are starting ARP poisoning.

7

Step 9:
We can see that in the upper right panel there is an IP address of our router and when we press that Yellow Circle icon (button), it performs ARP poisoning.

Step 10:
Now click the password tab which is at the bottom. We can see that we are getting passwords of HTTP i.e. plain text session in our LAN network.

8

 

This can also create DoS Attak on the LAN network as it creates many fake packets for processing thereby making unable for other HOST to make a request on the network.