acuraman32cl

i was seaching through my hacking sites today and found a nice windows tool which can: a)find current password and brute force attack certan ones, also any cached email etc.. password and b)sniff the network for email password, login passwords etc.... its easy to use (for those who dont use john the ripper, or other hex re-writers) and has a nice windows interface. d/l it at http://www.oxid.it/cain.html its worth it, small file too.

KCPreki11

great, spread it all over ACL

mikeymobiles

isnt this a car forum?

Samer007

RSA SecurID Token Calculator <---- sounds cool

mc222

Nice, I just installed it here at work - All sorts of interesting info.

Samer007

one thing I learned from this: Do not activate autocomplete

Amoeba

I have norton systemworks 2002, says its a virus when i went to install it. Quarentined and deleted, u bastard

eclipse23

Yeah, that's a keeper. John the ripper is also very nice.

CLS2001_97124

Looks like a trojen horse to me... who knows onces you installed it, what kind of info it's pulling off your pc and your company's network and sending it back to some kids/hackers PC.

I hate Sh*t like that!!

EdgarFanCLS

You guys definitely don't want to be packet sniffing on a corporate network. That's a good way to get your ass canned real quick.

CLS2001_97124

I work in the IT department, and I can tell you for sure that we can detect it!

eclipse23

If your paying attention. 95% of IT Departments get hacked not for NOT having the right tools for detecting it but for simply not paying attention.

mc222

Good thing I work in the IT dept too....But my boss just came to me laughing then told me to get that shit off his network--hahahaha....Its gone

acuraman32cl

i have systemworks 2002 too, it isnt a virus. norton will detect any program like that to be a virus. it really isnt.

acuraman32cl

this is the ramblings, so i ramble

NOVAwhiteTypeS

this is why you outsource security to say hmm.. Symantec managed security services. 24/7 security monitoring.

if your webserver gets poped 3am who's gonna notify you?

also you guys do know you can't sniff on a 'switched' network unless the ports are mirrored right?

acuraman32cl

i know that, but they have other programs which can still sniff on a switched network. you are still able to sniff on your own segment. lets say you have a 24 switch going to 12 individual 10 port workgroup hubs. you are still able to sniff off those 10 ports. so it depends on your network.

Python2121

ok guys, lemme round up the shiznit.

ok first of all, there are a lot of programs that can do that. everything from LC3 or LC4 to linux boot disks that allow you to change any password on the system <--ill get everyone a link if you want me to. i have used it numerous times as pranks or fixing comptuers for people when they dont remember their admin password.

second, its really easy to sniff on switched networks. all you need to do is spoof the gateway using (or at least for linux) a program called ArpSpoof. this comes with the packet sniffing program DSniff. the program pretends to be the computer your spoofing and hopes to get the packet first. we did it at school once, sniffing all traffic flowing to the gateway, where we learned a valuable lesson of remember to turn forwarding on, because otherwise the internet goes dead. and in this case that was a high school and 5 elementary schools and a library hehe

also, that was done w/ consent from net admins, or at least to a certain degree

/me ends geek rant

acuraman32cl

dsniff is only available for linix last time i checked. oh and i have a boot disk for 2000/XP/NT which rewrites the passwords in the registry. that one works like a charm. my freinds just bought a laptop and loaded linux up onto it. he has all the 802.11 sniffers he could find on the net (to see which one is the best) and also has arpspoof (along with dsniff as you said). we are gonna drive around out town and find all the wireless routers we can.

CLUofI

you guys are computer wizzes, i just know how to turn it on and burn cd's

kHmER Co

hook me up with some of these programs. in fact since i already do run a 24/7 ftp site i made a login for acl members to dl/ul stuff. login: acura pw:32cls ip:24.127.84.177 feel free to upload pics, programs, music, and movies everything else i dont really care about.

kHmER Co

if you guys have Q's just hit me up on my aim sn ietmeplay, oh yeah. if theres any security risk for me doing this someone advise me to take this off LOL.

Amoeba

I can not get onto your FTP, It says unauthorized IP, i used port 21

zeroday

thanks, but your FTP site is IP source restricted. Doubt you'd want to change that just so we can upload ya pics/etc.

kHmER Co

well i took the ip restrictions out temp. see how it goes?


and theres a folder for the forum in the upload folder