CEH Labs Manual
Sniffers
Module 8
�Modu ule 08 Sniffers s
9
Lab
Perfor P rming Man-I In-The e-Midd dle Attack A k usin ng Cain n & Ab bel
22. Now, , go to Windo ows 7 Virtua al Machine a and start FTP P
Credential Ma anager is a new SSO solution n that Microsoft offers in i Windows Server 2003 and Windows W XP to provide a secured store for credentia al information. It all lows you to input user names and passwords for var rious network resources s and applications once, , and then have the system automatically supp ply that information for su ubsequent visits to those reso ources without your inter rvention
FIGURE 9.16: Co ntrol panel in Wind dows 7
CEH Lab Manual M Page 2
Ethical H Hacking and Coun ntermeasures Cop pyright by EC-Council All Rights R Reserved. Reprodu uction is Strictly Pro ohibited.
�Modu ule 08 Sniffers s
FIGURE 9.17: 9 Turn Window ws features on or of ff feature window This set of cre edentials is stored in the file \Documents and Settings\%Userna ame%\Ap plication Data\Microsoft\C Credentials \%UserSID%\Cr redentials
23. Now access ftp:// /10.0.0.7 in W Windows Se erver 2003
FIGURE 9.18 8: Start ftp://10.0.0 0.7
24. Now, , observe the e tool listing o out more pac ckets exchan nge
Cain & Abel A covers
some security aspects/weakn ness intrinsic of protocol's standards, s authentication n methods and caching mecha anisms.
FIGURE E 9.19: Sniffer wind dow with more pac ckets exchanged
25. Click Password ta ab at bottom m
CEH Lab Manual M Page 3
Ethical H Hacking and Coun ntermeasures Cop pyright by EC-Council All Rights R Reserved. Reprodu uction is Strictly Pro ohibited.
�Modu ule 08 Sniffers s
Figure 9.20 0: Cain and Abel Pa assword tab
Figure 9.21: Ca ain and Abel Passw word Extracted
Lab L Ana alysis
Analyze A and document d the e results relate ed to the lab exercise. Giv ve your opinio on on your y targets security postur re and exposure through h public and f free informati ion.
CEH Lab Manual Page 4
Ethical H Hacking and Coun ntermeasures Cop pyright by EC-Council All Rights R Reserved. Reprodu uction is Strictly Pro ohibited.
�Module 08 Sniffers
PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.
Questions
1. Determine how you can defend against ARP Cache Poisoning in a network 2. How can you easily find the password captured in EDP MITM attack using only notepad or some other text editor? 3. How can one protect Windows Server against RDP MITM attacks? Internet Connection Required Yes Platform Supported Classroom iLabs No
CEH Lab Manual Page 5
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
