Network Sniffing on Windows

neehosoft May 22, 2010 Computers
Learn how to sniff passwords on a wireless network using a windows computer and cain and abel.
Network Sniffing on Windows
By NeehoSoft
 
Network Sniffing (also called  Network Anylizer or Packet Sniffer) is the ability to "sniff" out incoming and outcomming information on a wifi network. For example, if you were running a sniffer at StarBucks, and someone logged into there gmail, you would have there gmail password.
 
Disclaimer: This tutorial is for educational purposes only. I am not responsible for anything you do from what you learned in this tutorial.
 
Note: If you are on a desktop, you can also run cain and abel as a sniffer on your computer in silent mode, to work kind of as a keylogger. To put into silent mode, press "Alt + Delete" to hide cain and "Alt + Page Up" to show cain.
 
This is a fairly simple task. Your going to have to download Cain and Abel here, which will take care of the sniffing and decrypting of the hashes (which we will get into later).
 Near the end of installation, it will ask you about winpcap. Winpcap is a required driver for cain and abel. Accept the installation you need it to work right.
 
Once it is installed, run it. You will see the Cain and Abel GUI for the first time:, open the "Sniffer tab":
 
 
 
 
Were almost there. The next step is to click the "Configure" button on the File Menu Bar at the top of Cain and Abel. The following menu will come up:
 

 
Under the "Sniffer" tab on configure your going to want to set your wifi card. In some cases, multiple devices will show up. Select your adapter, press apply and then okay.
 
Now your going to want to turn on the sniffer and the ARP poisining, select the following from your menu bar:
 
 
 Once there bolth added, go to the sniffer tab, right click and press scan mac adresses.
You have the option to scan for a Range, but you would normally just hit  "All Hosts in my subnet". Hit okay and it will scan and list:
 
 

Now, if your connected to a network, it will show you all computers and there IP's connected to the network. Next, go to "APR" tab at the bottom and click the Blue Add Cross:

 

 Select the targets to poison.

 If you did it all right, the passwords will appear in "Passwords" tab. The most common are "HTTP". Sometimes your passwords will come up as stuff like:
 
asd3q22rwtg
 
This is a password hash which is a encrypted password. Some sites use them. I am currently writing a follow up guide on cracking these passwords with cain and abel and will upload to this website (tutorial tub). Look at "My tutorials" to find it.
 
 
What did you think of this tutorial?
- 9
1 CommentsAdd a Comment
anshu on Jan 4, 2012
 
dosent work dude. In my device configuration there are 4 devices all with ip addresses 0.0.0.0 Help me.
Name
Comment