HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 57 guests online
 
Advertisement

You are here: Home arrow Columnsarrow Wilsonarrow [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain
EH-Net
May 22, 2013, 12:28:21 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain  (Read 52750 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4165


Editor-In-Chief


View Profile WWW
« on: March 14, 2008, 11:42:22 AM »
This one uses MySpace as the hypothetical target. Expect many more of these from Brian, our resident Cain expert. Well done my friend.

Permanent link: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

Quote

By Brian Wilson, CISSP, CCNA, CCSE, CCAI, MCP, Network+, Security+, JNCIA

Last year at ChicagoCon 2007, Brian Wilson gave a great talk entitled "Cain & Abel: Windows Can Hack, Too!" Although the presentation and audio recording of the talk can be downloaded from the ChicagoCon  Media Lab
 2007 Evening Presentation Files, I had totally forgotten to publish his videos. Just in case things didn't go as planned during the live event or his laptop crapped out on him, Brian made a video of the MITM attack he demonstrated using Cain. They made it on the DVD passed out to the attendees, but unfortunately not in his column... until now!


Although we often talk about this incredibly versatile tool here on EH-Net, for the uninitiated...

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.



Thanks again Brian. Please offer Brian your thoughts and also requests for additional Cain vids.

Don
« Last Edit: March 14, 2008, 12:32:24 PM by don » Logged
CISSP, MCSE, CSTA, Security+ SME
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 928



View Profile WWW
« Reply #1 on: March 14, 2008, 11:48:28 AM »
Brian,

nice video, I've had Cain&Abel on my 'Must look at' list for a while. Think you've just jumped it to the top of the queue.

Thanks
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4165


Editor-In-Chief


View Profile WWW
« Reply #2 on: March 14, 2008, 03:36:47 PM »
Sir Brian has never made it to diggs front page or slashdotted. Let's help make it happen for him.

http://digg.com/microsoft/Video_Man_in_the_Middle_Attack_on_MySpace_with_Cain

You have 24 hours to do your part!!

Don
Logged
CISSP, MCSE, CSTA, Security+ SME
pseud0
Recruiters
Full Member
*
Offline Offline

Posts: 208



View Profile
« Reply #3 on: March 15, 2008, 09:09:35 AM »
Sweet mamba-jamba!!  Slashdotted!!
http://it.slashdot.org/article.pl?sid=08/03/15/1242252&from=rss
Logged
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
Andrew Waite
Hero Member
*****
Offline Offline

Posts: 928



View Profile WWW
« Reply #4 on: March 15, 2008, 09:27:05 AM »
Quote from: pseud0 on March 15, 2008, 09:09:35 AM
Sweet mamba-jamba!!  Slashdotted!!
http://it.slashdot.org/article.pl?sid=08/03/15/1242252&from=rss

w00t!

Hows the site holding up under the legendary /. effect Don?
Logged
-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk
LSOChris
Guest
« Reply #5 on: March 15, 2008, 11:15:01 AM »
thanks for the link and the reminder why i dont read slashdot, most of those replies are pure garbage.
Logged
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4165


Editor-In-Chief


View Profile WWW
« Reply #6 on: March 15, 2008, 11:24:18 AM »
So far so good.

Congrats, Brian. Helluva week for you my friend. Your good fortune is well deserved.

Don
Logged
CISSP, MCSE, CSTA, Security+ SME
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 385



View Profile WWW
« Reply #7 on: March 15, 2008, 12:49:26 PM »
Thanks everyone!!!!  Don called me on my Cell and told me I was slashdot'ed. I was on a 3 mile hike with my kids for Cub Scouts... I was like wow and I told some of the other fathers out on the trail and they where like what is slashdot and I said never mind. lol

Brian
Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
LSOChris
Guest
« Reply #8 on: March 15, 2008, 09:41:17 PM »
that's awesome
Logged
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 385



View Profile WWW
« Reply #9 on: March 15, 2008, 10:11:49 PM »
Wow over 8,000 hits to the video in 12 hours thats crazy! I hope Don's hosting company does not charge him to much for the extra bandwidth. Anyway thanks again for all of you guys/gals support. I will be doing a newer live demo of Cain & Able at Chicagocon this year and if all goes right I hope to show you how to own and record VoIP calls, Take over Cisco routers, Crack WEP with packet injection (yes in windows) and so much more. Cain is truly a good place to learn a lot of hacking and auditing skills on a Windows PC.

Brian
Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
subbukl
Newbie
*
Offline Offline

Posts: 1


View Profile
« Reply #10 on: March 22, 2008, 08:07:55 PM »
dont you think arpspoof and etherial is much simpler for this ?
~
Logged
LSOChris
Guest
« Reply #11 on: March 22, 2008, 09:23:20 PM »
no
Logged
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 385



View Profile WWW
« Reply #12 on: March 23, 2008, 11:05:08 AM »
Well I do like Ethereal but only after I have a good APR with Cain going then I can look at all traffic on a subnet for trouble shooting. It's like making a mirror or trunk port on a switch that might not have management features.

Brian
Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4165


Editor-In-Chief


View Profile WWW
« Reply #13 on: April 15, 2008, 08:31:14 PM »
Congrats, Brian!!

100,000 Page Views!!

Don
Logged
CISSP, MCSE, CSTA, Security+ SME
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.079 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.