CEH Labs Manual

Sniffers
Module 8

Modu 08 Sniffers ule s

9
Lab

Perfor P rming Man-I In-The e-Midd dle Attack usin Cain & Ab A k ng n bel

22. Now, go to Windo 7 Virtua Machine a start FTP , ows al and P

Credential Ma anager is a new SSO solution that n Microsoft offers in Windows i Server 2003 and Windows W XP to provide a secured store for credentia al information. It all lows you to input user names and passwords for var rious network resources and s applications once, and then , have the system automatically supp that ply information for su ubsequent visits to those reso ources without your inter rvention

FIGURE 9.16: Co ntrol panel in Wind dows 7

CEH Lab Manual Page 2 M

Ethical H Hacking and Coun ntermeasures Cop pyright by EC-Council All Rights R Reserved. Reprodu uction is Strictly Pro ohibited.

Modu 08 Sniffers ule s

FIGURE 9.17: Turn Window features on or of feature window 9 ws ff This set of cre edentials is stored in the file \Documents and Settings\%Userna ame%\Ap plication Data\Microsoft\C Credentials \%UserSID%\Cr redentials

23. Now access ftp:// /10.0.0.7 in W Windows Se erver 2003

FIGURE 9.18 Start ftp://10.0.0 8: 0.7

24. Now, observe the tool listing o more pac , e out ckets exchan nge

Cain & Abel covers A

some security aspects/weakn intrinsic ness of protocol's standards, s authentication methods and n caching mecha anisms.

FIGURE 9.19: Sniffer wind with more pac E dow ckets exchanged

25. Click Password ta at bottom ab m

CEH Lab Manual Page 3 M

Ethical H Hacking and Coun ntermeasures Cop pyright by EC-Council All Rights R Reserved. Reprodu uction is Strictly Pro ohibited.

Modu 08 Sniffers ule s

Figure 9.20 Cain and Abel Pa 0: assword tab

Figure 9.21: Ca and Abel Passw ain word Extracted

Lab Ana L alysis

Analyze and document the results relate to the lab exercise. Giv your opinio on A d e ed ve on your targets security postur and exposure through public and f informati y re h free ion.

CEH Lab Manual Page 4

Ethical H Hacking and Coun ntermeasures Cop pyright by EC-Council All Rights R Reserved. Reprodu uction is Strictly Pro ohibited.

Module 08 Sniffers

PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.

Questions
1. Determine how you can defend against ARP Cache Poisoning in a network 2. How can you easily find the password captured in EDP MITM attack using only notepad or some other text editor? 3. How can one protect Windows Server against RDP MITM attacks? Internet Connection Required Yes Platform Supported Classroom iLabs No

CEH Lab Manual Page 5

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.