Printable View
When I am working in netowrk, how do they find my password. Is there any way they can sniff my password in windows network?
I use winxp sp2, NTLM authentication enabled. Even is they sniff will they be able to decript the password.
please clarify my doubts.
Yes, it is possible to sniff and crack your password. There are plenty of tools out there to do this.
LC5: http://www.atstake.com/products/lc/
Cain and Abel: http://www.oxid.it/
KerbCrack: http://ntsecurity.nu/toolbox/kerbcrack/
They are just a few of the many that can break your password after captured.
Wonderful.
Thank you, I have tried LC5, Kerbcrack & Kerbsniff. I will try cain&able.
LC5 has the ability to sniff SMB if the network is broadcast network, it dose not work if it is switched network. I dont think Kerbcrack & Kerbsniff can be used to sniff all kinds of authentication e.g., ssl, https, ftp etc.,
But going through the description of Cain&able it seems it has wider applicablity than the other two applications. Let me try out.
Any way thank you very much.
You can use those sniffers on a switched lan. You just have to use something like ettercap before to flood the arp tables. While using ettercap, you can use the other programs to sniff too.
Why dont you just ethereal and sniff all the packets going in and our of the network you can fiter by mac address if you only want a sertin node.
If want to get a really good sniffer, get Ethereal here at http://www.ethereal.com/download.html.
You can also try IRIS . I like the GUI interface of the software.
Thank you all.
I will try all you said.