Penetration Testing mailing list archives
RE: Cain a& Abel Question
From: "Eliot Mansfield" <Eliotm () eurodatasystems com>
Date: Thu, 22 May 2003 09:40:48 +0100
Presumably a cunning attack vector would be to compromise a private network, generate a self signed certificate and use Windows 2000 group policy to deliver your untrusted root CA as a trusted CA into everyone's browser. Then C&A and Dug Song's tools would work without warning??

Eliot Mansfield

-----Original Message-----
From: Cushing, David [mailto:David.Cushing () hitachisoftware com]
Sent: 21 May 2003 19:15
To: pjacob () ftmc com; pen-test () securityfocus com
Subject: RE: Cain a& Abel Question

Pete,

What you are seeing is the result of a "man in the middle" style attack rather than a decoding of your SSL connection to the bank. C&A is intercepting and forwarding your traffic due to the ARP poisoning. Your browser negotiates an SSL connection with C&A. C&A negotiates another SSL connection to the bank. Then C&A is able to see all traffic in plaintext as it passes it along.

    Browser <--ssl--> C&A (plaintext) <--ssl--> Bank

The program is not able to generate a proper certificate to hand your browser, though. It is self signed and will not be trusted by your browser. An alert should have popped up when you opened the page. Did it?

Cain info: http://www.oxid.it/cain_faq.html
MiM info: http://www.sans.org/rr/threats/man_in_the_middle.php

--
David

-----Original Message-----

I was reading thru the list and decided to give Cain & Abel a try... it is a really powerful tool. I do have a question: I was running it using the ARP poisoning from one of my test machines to my internet gateway (Cisco 3600 series). I logged into my on-line banking account, which is an SSL connection, and Cain & Abel picked up my username and password as "Clear text"... I guess I am confused about this... when I go to the site, it is an SSL site, it appears that the entire session is SSL, and Cain & Abel is not doing any sort of "Cracking", and if the software "Cain & Abel" is doing some sort of sniffing, wouldn't it be encrypted via SSL?
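
The scenario raised in this thread, a root CA placed in the browser's trust store so that an intercepting proxy's certificate validates without a warning, is the case certificate pinning is meant to catch. The Python below is an added example, not code from any poster or from Cain & Abel; the function names and the byte strings standing in for certificates are assumptions made for illustration.

```python
import hashlib
import hmac
import socket
import ssl


def normalize(fp: str) -> str:
    """Accept 'AA:BB:..' or 'aabb..' and return lowercase hex without separators."""
    return fp.replace(":", "").replace(" ", "").lower()


def sha256_fingerprint(der: bytes) -> str:
    """SHA-256 over the DER encoding of the certificate the server presented."""
    return hashlib.sha256(der).hexdigest()


def is_pinned(der: bytes, pins) -> bool:
    """True only if the presented certificate matches a pin recorded out of band."""
    seen = sha256_fingerprint(der)
    return any(hmac.compare_digest(seen, normalize(p)) for p in pins)


def fetch_leaf_der(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    # Ordinary validated handshake. Chain validation uses the local trust store,
    # so it also succeeds when an interceptor's root has been added to that store.
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def check_host(host: str, pins, port: int = 443) -> bool:
    """Chain validation plus pin comparison; raises on a mismatch."""
    der = fetch_leaf_der(host, port)
    if not is_pinned(der, pins):
        raise ssl.SSLError(f"{host}: certificate {sha256_fingerprint(der)} is not pinned")
    return True


# Constructed stand-ins for DER bytes (not real certificates), for an offline demo.
GENUINE_DER = b"constructed: certificate served by the real site"
PROXY_DER = b"constructed: certificate minted by an intercepting proxy"
PINS = {sha256_fingerprint(GENUINE_DER).upper()}

if __name__ == "__main__":
    print("genuine:", is_pinned(GENUINE_DER, PINS))
    print("proxy:  ", is_pinned(PROXY_DER, PINS))
```

The pin has to be recorded over a path the interceptor does not control, since a fingerprint captured through the poisoned connection would pin the proxy's certificate.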