This article is published for educational purposes only, to draw attention to the weaknesses of HTTP security and how easily HTTP logins can be captured using simple software.
Retrieving the username and password of a user without their permission is called sniffing. It is a type of hacking that can be applied to poorly secured devices without a high level of computer knowledge. We are using our local network to demonstrate sniffing.
HTTPS cannot be cracked through this method; only HTTP-based sites and servers can be sniffed.
Pre-requisites
– Computer with admin account.
– Connected to the network you are trying to sniff.
– Cain and Abel software.
– Little common sense.
Procedure
First of all you need to install the software Cain and Abel on your computer and run it as administrator.
While starting up, if it gives a warning about the firewall, simply click on “OK”.
1. Click on “Sniffer”, highlighted in the image below.
2. Click on “Configure”, circled in the image.
3. Select your network card. You can easily identify a working network card by checking whether it has an IP address or not. A working network card will have an IP address and subnet mask. Then click on “OK”.
4.
(a) First activate sniffer mode by simply clicking on the green object.
(b) Then click on the Blue plus sign.
5. Simply click on “OK”. It will scan all the active devices connected to the network.
6. Click on “APR”, highlighted in the image.
7. Click on the blank space and then once again on the blue plus sign.
8. Select the modem or the server and then the user you want to sniff. You can select multiple users at a time and sniff their usernames and passwords.
9. Click on the yellow icon to start the APR. After clicking, the software will start poisoning the victim.
10. You need to wait for the user to log in. Once the victim logs in, you can find the username and password. Click on “Passwords”, highlighted in the image.
11. Click on HTTP and you will be able to see the passwords the software caught.