.

[Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Mar 14, 2008 11:42 am

[Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

This one uses MySpace as the hypothetical target. Expect many more of these from Brian, our resident Cain expert. Well done my friend.

Permanent link: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain


By Brian Wilson, CISSP, CCNA, CCSE, CCAI, MCP, Network+, Security+, JNCIA

Last year at ChicagoCon 2007, Brian Wilson gave a great talk entitled "Cain & Abel: Windows Can Hack, Too!" Although the presentation and audio recording of the talk can be downloaded from the ChicagoCon  Media Lab Image
2007 Evening Presentation Files, I had totally forgotten to publish his videos. Just in case things didn't go as planned during the live event or his laptop crapped out on him, Brian made a video of the MITM attack he demonstrated using Cain. They made it on the DVD passed out to the attendees, but unfortunately not in his column... until now!


Although we often talk about this incredibly versatile tool here on EH-Net, for the uninitiated...

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.





Thanks again Brian. Please offer Brian your thoughts and also requests for additional Cain vids.

Don
Last edited by don on Fri Mar 14, 2008 12:32 pm, edited 1 time in total.
CISSP, MCSE, CSTA, Security+ SME
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Fri Mar 14, 2008 11:48 am

Re: [Article]-Video: Man-in-the-Middle Attack with Cain

Brian,

nice video, I've had Cain&Abel on my 'Must look at' list for a while. Think you've just jumped it to the top of the queue.

Thanks
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Mar 14, 2008 3:36 pm

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

Sir Brian has never made it to diggs front page or slashdotted. Let's help make it happen for him.

http://digg.com/microsoft/Video_Man_in_ ... _with_Cain

You have 24 hours to do your part!!

Don
CISSP, MCSE, CSTA, Security+ SME
<<

pseud0

User avatar

Recruiters
Recruiters

Posts: 210

Joined: Sat Nov 17, 2007 8:26 pm

Location: Detroit, Michigan

Post Sat Mar 15, 2008 9:09 am

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Sat Mar 15, 2008 9:27 am

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

pseud0 wrote:Sweet mamba-jamba!!  Slashdotted!!
http://it.slashdot.org/article.pl?sid=0 ... 2&from=rss


w00t!

Hows the site holding up under the legendary /. effect Don?
<<

LSOChris

Post Sat Mar 15, 2008 11:15 am

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

thanks for the link and the reminder why i dont read slashdot, most of those replies are pure garbage.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sat Mar 15, 2008 11:24 am

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

So far so good.

Congrats, Brian. Helluva week for you my friend. Your good fortune is well deserved.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Sat Mar 15, 2008 12:49 pm

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

Thanks everyone!!!!  Don called me on my Cell and told me I was slashdot'ed. I was on a 3 mile hike with my kids for Cub Scouts... I was like wow and I told some of the other fathers out on the trail and they where like what is slashdot and I said never mind. lol

Brian
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

LSOChris

Post Sat Mar 15, 2008 9:41 pm

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

that's awesome
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Sat Mar 15, 2008 10:11 pm

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

Wow over 8,000 hits to the video in 12 hours thats crazy! I hope Don's hosting company does not charge him to much for the extra bandwidth. Anyway thanks again for all of you guys/gals support. I will be doing a newer live demo of Cain & Able at Chicagocon this year and if all goes right I hope to show you how to own and record VoIP calls, Take over Cisco routers, Crack WEP with packet injection (yes in windows) and so much more. Cain is truly a good place to learn a lot of hacking and auditing skills on a Windows PC.

Brian
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

subbukl

Newbie
Newbie

Posts: 1

Joined: Sat Mar 22, 2008 8:04 pm

Post Sat Mar 22, 2008 8:07 pm

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

dont you think arpspoof and etherial is much simpler for this ?
~
<<

LSOChris

Post Sat Mar 22, 2008 9:23 pm

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

no
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Sun Mar 23, 2008 11:05 am

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

Well I do like Ethereal but only after I have a good APR with Cain going then I can look at all traffic on a subnet for trouble shooting. It's like making a mirror or trunk port on a switch that might not have management features.

Brian
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Apr 15, 2008 8:31 pm

Re: [Article]-Video: Man-in-the-Middle Attack on MySpace with Cain

Congrats, Brian!!

100,000 Page Views!!


Don
CISSP, MCSE, CSTA, Security+ SME

Return to Wilson

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software