First of all, sorry if this is a repost. This is not a new technique in the world of hacking, but it has not gone stale: it is still used today, because most networks are built on hubs and switches and are not encrypted.
Why are they not encrypted?
* Network admins are mostly IT specialists in writing programs, not in network security
* Encryption increases the bandwidth needed, so the Internet connection will certainly get slower and slower and eventually end in an error page
* Encryption is not cheap to obtain
The hack uses these techniques:
* Sniffing
* ARP Poison Routing
The two techniques above will not be prevented by any firewall on the victim's computer, guaranteed.
Important note: ARP Poison Routing can cause a denial of service (DoS) on one or all of the computers on your network.
Pros:
* It will not be detected by a firewall of any type or series, because the weakness lies in the network system, not on the computer
* You can steal all kinds of login passwords that go through an HTTP server
* You can steal the login passwords of everyone on a hub network for as long as the program is active
* ARP poisoning can be used to steal passwords over HTTPS
* All of the programs are free
Disadvantages:
* On a switched network the hosts must be ARP poisoned one by one, and a lot of your bandwidth will be consumed by it (if your Internet connection is super fast it does not matter)
* Whether or not you get caught by the network administrator is outside my responsibility
From here on, assume that the network in this story has 3 computers, namely:
* The victim's computer
* The hacker's computer
* The server
The differences between the network switches and network hubs:
First Steps:
1. Check your network type: are you on a switched network or a hub network? If you are on a hub network, be thankful, because your hacking process will be much easier.
2. Download the required programs, Wireshark and Cain & Abel.
Code:
http://www.wireshark.org/download.html
http://www.oxid.it/cain.html
How to Use Wireshark:
* Run Wireshark
* Press Ctrl + K (or click Capture, then Options)
* Make sure the Interface field shows the Ethernet card that is connected to the network; if not, change it. Also make sure that "Capture packets in promiscuous mode" is on
* Click the Start button
* Click the Stop button once you feel confident that a password has been entered since you pressed the Start button
* You can see all types of incoming and outgoing packets on the network (or on your computer only, if your network uses a switch)
* To analyze the data, right-click the data you want to analyze and click "Follow TCP Stream", and happy packet analyzing (I will not explain how, because I can't :D)
* What is clear is that the data will contain the information the victim entered into the website, and vice versa
The method above applies only if your network is a hub, not a switch.
From the above you can find out whether your network is a hub or a switch by looking at the Source IP and Destination IP columns. If on every line one of them is your IP, then your network is certainly a switched network; if not, it is the opposite.
How to Use Cain & Abel:
* Using this program is much easier and simpler than using Wireshark, but if you want all the packets that have gone out and come in, it is recommended that you use Wireshark
* Open Cain
* Click Configure
* In the "Sniffer" section, select the Ethernet card that you will use
* In "HTTP Fields" you should add the username field and password field you want if they are not listed.
As an example, if you want to hack a Friendster password you have to add the word name to the username fields and the password fields; for other sites you can find it by right-clicking, choosing View Source, and looking for the input variables of the website's login and password. I think the defaults are already quite complete; you can steal the password used on klubmentari without adding anything.
* After that, apply the settings and click OK
* On the main menu there are 8 tabs, and only 1 will be discussed here, the "Sniffer" tab, so select that tab and do not switch away from it, to avoid confusing yourself
* Activate the sniffer by clicking the button above the tabs; look for the button labelled "Start / Stop Sniffer"
* If you are on a hub network, at this point you can already see the passwords coming in by clicking the "Passwords" tab (this time the tab at the bottom, not the ones in the middle; the middle ones do not need to be clicked again)
* You just choose which connection's password you want to see; it will already be listed there
* If you are on a switched network, it takes more effort: you must activate APR, whose button is to the right of the Sniffer button (and it is not guaranteed to succeed, because the management of a switch is much more complete and secure than that of a hub)
* Before activating it, select APR at the bottom of the Sniffer tab
* You will see 2 lists that are still empty; click the empty part of a list, then click the "+" sign (it is shaped like that) in the row of buttons with Sniffer, APR, etc.
* There will be 2 fields containing all the hosts available on your network
* Connect the victim's IP address and the gateway server's IP address (to find out the gateway server's address, click Start on your computer, select Run, type cmd, then type ipconfig at the command prompt)
* After that, activate APR, and you can see all the data from the victim's computer to the server in the same way.
You can run both programs simultaneously (Cain for APR and Wireshark for packet sniffing) if you want maximum results.
The passwords that can be stolen are passwords on an HTTP server (a server that is not encrypted); if the data is on an encrypted server, you have to decrypt the data before obtaining the password (and that will require many more steps than this hacking method).
For terms you do not understand, look them up on Wikipedia (the English one, though, since the Indonesian one does not necessarily have them).
Additional Material:
For those who can already do APR: if you want to steal a password over HTTPS, this is the way (e.g. KlikBCA; I have never tried it for real, I have only read about it in a book):
* Activate APR against the victim's computer
* When the victim goes to KlikBCA, APR will automatically create a fake certificate so that the data is transmitted unencrypted again (this will cause many certificate warnings to appear on the victim's computer, but if the victim does not pay much attention to them you will certainly not get caught)
* The fake certificate will be visible in the HTTPS field in Cain
* After the victim logs in, look at the log under HTTPS, right-click, and select View
* From this data you can find the victim's login password (try searching for it yourself, you will surely find it).
Please try it; if you succeed, do not forget to share here... :D
