-
November 30th, 2007, 05:58 AM
#1
Junior Member
Sniffing networks
After you use apr posioning from cain to sniff out usernames and passwords how do you decrypt the information you receive. On another note how do you figure out what encryption a website is using? Also, can someone tell me or guide me somewhere that explains certificates because when I sniff myself sites like gmail cause endless popups of invalid certificates.
-
November 30th, 2007, 12:30 PM
#2
when I sniff myself sites like gmail cause endless popups
When I sniff myself, people usually give me funny looks...
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
-
November 30th, 2007, 01:03 PM
#3
Why is it I get the distinct feeling that this gentleman will be getting a visit from a black helicopter?
If
sites like gmail cause endless popups
then you must be communicating with them?................. not a good idea in these circumstances I would have thought? the activity will be logged.
On another note how do you figure out what encryption a website is using?
Ask the administrator?
Oh Well!
-
November 30th, 2007, 02:26 PM
#4
Originally Posted by johntuan
After you use apr posioning from cain to sniff out usernames and passwords how do you decrypt the information you receive. On another note how do you figure out what encryption a website is using? Also, can someone tell me or guide me somewhere that explains certificates because when I sniff myself sites like gmail cause endless popups of invalid certificates.
Maybe you should learn to walk before you start running?
http://en.wikipedia.org/wiki/Secure_Sockets_Layer
http://en.wikipedia.org/wiki/Mitm
Oliver's Law:
Experience is something you don't get until just after you need it.
-
November 30th, 2007, 03:05 PM
#5
What I would like to know...is how did the OP get 3 green dots on 1 post....
Specifically this one
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
November 30th, 2007, 07:22 PM
#6
Junior Member
so how do i decrypt the information i receive when using apr poisoning?
-
November 30th, 2007, 07:32 PM
#7
Well one thing you could do is use the built in features from Cane & Abel to do what you desire. And if your unsure of how to do that then the built in help from the program and or the FAQ's from the Authors website might help.
LOGIN: yes
PASSWORD: I dont have one
"Login Failed"
-
November 30th, 2007, 07:55 PM
#8
Errrr, try doing a bit of research? Google is your friend.
You are at a University and one of the requirements of that, is to be able to find things out for yourself, independently, and without being spoon-fed.
I will give you a clue: look for an application called JTR as a starter.
Then look for "decryption tools" and see some of the others. There are loads of tutorials. Just start with one that you understand and realise that there is a learning curve here.
See if you can get your hands on a couple of obsolete machines as "targets" and set up your own small network for experimentation. At least then you have an environment where you control the parameters.
As I posted earlier, don't use tools like Cain & Abel on the internet until you really understand them. You should not be getting responses from external third party sites if you are just "sniffing yourself".............. you are actually drawing unwelcome attention to yourself.
-
November 30th, 2007, 08:18 PM
#9
Originally Posted by morganlefay
What I would like to know...is how did the OP get 3 green dots on 1 post....
Specifically this one
MLF
ill jump on this boat...
Like Nihil said, Cain & Abel can get you into a lot of trouble if misused. I suggest reading up on what your doing, and using a more user friendly tool such as Knoppix STD.
there are so many tutorials and FAQ pages on this subject it will make your eyes bleed, start there!
Good Luck.
Last edited by ArPaNET; November 30th, 2007 at 08:28 PM.
-
November 30th, 2007, 08:47 PM
#10
Junior Member
Originally Posted by nihil
Errrr, try doing a bit of research? Google is your friend.
You are at a University and one of the requirements of that, is to be able to find things out for yourself, independently, and without being spoon-fed.
I will give you a clue: look for an application called JTR as a starter.
Then look for "decryption tools" and see some of the others. There are loads of tutorials. Just start with one that you understand and realise that there is a learning curve here.
See if you can get your hands on a couple of obsolete machines as "targets" and set up your own small network for experimentation. At least then you have an environment where you control the parameters.
As I posted earlier, don't use tools like Cain & Abel on the internet until you really understand them. You should not be getting responses from external third party sites if you are just "sniffing yourself".............. you are actually drawing unwelcome attention to yourself.
Do you usually do ip lookups on every new forum member? Thanks for your help though I have tried google and yes sifting through vast information available on the internet is kind of difficult to find exactly what I need.
Similar Threads
-
By coderecycle in forum Newbie Security Questions
Replies: 9
Last Post: September 25th, 2004, 12:28 AM
-
By tonybradley in forum Network Security Discussions
Replies: 3
Last Post: April 30th, 2003, 08:50 PM
-
By -DaRK-RaiDeR- in forum Newbie Security Questions
Replies: 9
Last Post: December 14th, 2002, 08:38 PM
-
By Noble Hamlet in forum AntiOnline's General Chit Chat
Replies: 1100
Last Post: March 17th, 2002, 09:38 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|