Home >Unlabelled >
Posted on 7/25/2009
LAN Hacking tutorial (Create a Newbie who want to learn hack)
How to hacking via the LAN (to steal a pass people browsing)
First of all sorry I repost this technique because the technique is not fresh in the world of hacking, but this technique has not been stale because up to now can still be used because most network meggunakan network hub & switch that does not terenkripsi.Mengapa not encrypted?
* Network Admin is the person most of the IT specialist in making the program, not in Network Security * If the encrypted bandwidth will need inet increased and of that already this lemot akan lemot and finally the error page * price is not cheap to obtain the encrypted
The difference between the Hub and Switch network:
* At the network hub of all data that flows in the network can be viewed / retrieved by any computer on the network asalakan computer merequest data, I do not direquest will not come .* The network switch that the computer only to exchange data to see data , the other komputer2 not entitled merequest data.
The problem is the price of the hub router and switch does not differ greatly so most places are now using the method to make the switch network hacking.
Hacking using this technique:
* * Sniffing ARP Poison Routing
The two techniques above will not be prevented by a firewall on any computer of the victim, guaranteed.
Important Note: ARP Poison Routing can meyebabkan denial of service (dos) on one of / all the computers on your network
Advantages:
* Not detected by the firewall types and any series because kelemahannya located on the network system not on the computer * can steal all of the login password via the HTTP server * can steal all the login password of the Hub in the network is activated during the program * To ARP poisoning can be used to steal your password in the HTTPS * All programs free
Disadvantages:
* To be at Switch network ARP poisoning at 1 and bandwidth you will be eaten accidentally much for it (I inet super fast ga problems) * discovered not by the network admin outside my responsibilities
Start from here that's in the network in this story have 3 computers, which are:
* Victims * Computers * Computer Hacker Server
Differences between the network switch and a network hub: The first step:
1. Check your network type, you have the network switch / hub. If you are in the network hub be grateful because the process of hacking you will be far more mudah.2. Download the programs that is needed Wireshark and Cain & Abel.Code:
http://www.wireshark.org/download.htmlhttp://www.oxid.it/cain.html
How to Use WireShark:
* Run the program wireshark * Press Ctrl + k (option-click capture ago) * Make sure the content is Interfacenya your Ethernet card for the network, if not change and make sure that "Capture packets in promiscuous mode" * Click on the button start * Click the stop button after you are sure that no password is entered for you to press the start button you can see all types of the packet in the incoming and outgoing network (or on your computer only if you use a network Swtich * To analyze the data is right-click on the data want in the analysis and click "Follow TCP Stream" and congratulations to analyze paketnya (I will not explain how because I can not) * What's clear from the data is definitely in there informasi2 entered the victim to the website and vice versa
How the above applies only if your network is not the Hub switchDari on how you can know that your network is a hub / switch with a view in the IP Source and Destination IP. When the line on every one of them is the ip then you can be your network is a network switch, if I do not mean otherwise.
How to Use Cain & Abel:
* The use of this program is much easier and simple than using wireshark, but if you want a packet of all exit and entry is recommended you use the wireshark program * Open the program you Cain * Click on the configure * In the "Sniffer" select ethernet card akan you use * In the "HTTP Fields" you must add a username and password fields when its fields you want is not in daftar.Sebagai example, I will inform you that I want to hack password Friendster you need to add the username in the fields and fields passworsd word name , to the other you can find it by pressing the right click view source and you should find a variable input login and password from the website. Which is already in default rasanyan already full enough, you can steal a pass in there without adding any klubmentari .* After that settingannya apply and click ok * In the main menu there are 8 tabs, and will be discussed only 1 tab is the tab "Sniffer" Therefore, select the tab and it should not pindah2 of the tab to prevent confusion * Activate your own Sniffer with sniffer clicking the button on the top tab2, the search for the key writings that "Start / Stop Sniffer" * If you have time in the network hub This you already know the password can be entered with a click on the tab (The tab on the bottom that is not in the middle, which is the no-click-clicked again) "Passwords" you choose a password from the connection which you want to see akan already registered there * If you have appeared on the network switch, this requires more struggle, you must activate the APR tombolonya have the right Sniffer (And this does not guarantee successful manage because of the switch is far more comprehensive & secure from the hub) * Before the activated the sniffer tab select the bottom of the APR * 2 will be seen that the list is empty, click on the top of the list is empty and then click the "+" (such as the form) that is in the range key sniffer APR etc. * There will be 2 fruit which contains all the field the host on your network * Connect the victims ip address ip address and gateway servers (to know the address of the gateway server on the computer click start you select run and type cmd type ipconfig in the command prompt) * Once the new switch the APR, and all the data from victim to the server computer you can see in the same way.
You can run both programs simultaneously in the top (for APR Cain and wireshark for packet sniffing) when you want a more maximum results.
Password that you can steal the password of the HTTP server (the server that is not encrypted), if the data is encrypted on the server that you have to mendekripsi data obtained before the password (and that will require that STEP 2 is much more of how long this hack )
For terms that are not ngerti can be searched on wikipedia (but that is what the English indo jg not have).