Subject: Re: Windows NIC in promiscuous mode?
Name:
tide Date: 8/3/2002 2:42:22 AM (GMT-7)
IP Address: 213.180.166.102 In Reply to: Windows NIC in promiscuous mode? posted by
Chris Message:
Well, I'd recommend you setting up a linux box to have real fun. You cannot set a nic into prom. mode by hand. that's a software thing and it might depend on the platform you're running on.
Ethereal is one of _the_ tools to sniff networks. You get a nice overview over network packets and their contents. flags ect. From sessions like ftp, http, telnet, rlogin, rsh etc you can just read the username and password from the packets...
Ethereal doesn't store anything the way a password cracker could understand it - it saves the actual network traffic you've recorrded. what you need ist the hash value of the password.
To crack a w2k login you'd need the .sam password file where the password is stored in and feed that into the cracker.
As already stated, most protocols are unencrypted and with a few clicks in ethereal, you get the password and username from a login procedure...
But you better don't play with that kind of stuff at work. you better call your it-security guy at work to explain your boss what a f****** stupid idea it is - you said it yourself, he has no idea of security.
What you (or some it staff) can demonstrate your boss is how easy a password is cracked - just install lc4 on your boss' computer (after he allowed you to do so) then crack his password file. I bet that (1) you get his password within 5mins (2) the password is in lc4's dictionary
Definitely talk to the it staff...
|