Solved

Cain and Able, wireshark, wireless, etc.

Posted on 2013-10-24
16
582 Views
Last Modified: 2013-11-18
Anybody Cain and Able or ethical hacking experts.

I have a computer that hasn't been used in awhile, but is available.
We generally use the new PC as its better..

We know the admin password of the local account and get logged on.
We have online accounts that we use all the time (new PC). no problem. easy right.
Well we forgot passwords to some of the rare sites we used to use... so just change password right -- well the email address associated with the userid is no longer being used, so if a password request link was sent, we don't even know where it would send too. esecpially in the case where it was a yahoo.com account that sat unused for years, so it deleted/deactivated it. tryied to log into yahoo, with believed account and it looks like it has been repurposed or in another example this account is available, do you wish to register and create an new account with this name...

Alright, getting of base here -- the issue is that the old pc has visted these sites, has logged on, even has the userid email address cached, which sent me down the road of yahoo validation,,, but since they retried and password reset link isn't available -- I want to see if I can hack the old computer and find out all the passwords used for the sites and logon id for the given account... Both brousers were used.. Firefox/Mozilla and IE.. I am not 100% certain on version, but since its the old barely used computer, I am guesing its an older version since patches are routinely installed.  I thought the firefox would be easy retrieval since it has the option -- security tabe, search site, lookup password. but no password.
even tried the password type = text thingy I read.   In these examples it reports that there is hidden atrecks in the password filed prepolulated or cached, and you just want to know what they are... Well there isn't any dots or astricks.. it has the username, but not a chached password.

I thought all this stuff is stored somewhere. Even poked around IE... but nothing promising there either...
So googled some more, and they talked about cain and able, and other stuff.

I installed but it was (1) quiet confusing, (2) not sure what the heck Im doing, (3) other interesting options and stuff were available from app,  but wondering how I can expand what it reports.

My main focus and question is just trying to retriev password hidden someone on the old pc...

But as secondary curious questions, what other apps and tools are used. most recommended and trusted, and if using cain and able.. I saw where it can scan for local accounts and it showed the password, which is cool.. not that we needed it, cuz we already know it... but how can this be scanned against perhaps another computer..

Additionally, the old pc, was a wireless adapter that connects to the wireless router/modem... The router has a sid that we know... sweet. I saw a tab that says it can scan the wep and wpa and wireless ap and retireve the passwords... and do you know what,. it did... awesome... but it only showed the wireless SSID password I was connected to.. I was curious if this tool could be used to sniff out the password of another wireless network that is broadcasting its SSID, has signal, but has security wep or wpa enabled. wireless sees it, but doesn't report its password.. why?  how do you make it do this?

Just curious?  I am assuming that it is not connected, but if it was connected, it would already know the pass phrase. so reporting the SSId password of a network you are already connected to is irrelevant since you already know the password...

Again, just trying to understand and learn about the tool. got confused, googled. looked at docs. but made my confusion worse. so reaching out to the experts.

And maybe Cain and Able isn't the tool to use.. then what is...
This is only ethical hacking --- nothing mischievious nor miliessious, always been interested in the stuff.

hmmmmm
0
Comment
Question by:Indyrb
  • 6
  • 4
  • 2
  • +1
16 Comments
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 144 total points
Comment Utility
I have Cain V 4.9.46 and WinPcap V4.1.3 running on my Windows 7 Desktop.

Get Cain from www.oxid.it, download and install it. Installing it will install WinPcap as well.

Run it and look down the left side. You see Wireless Password, IE passwords, WLM passwords, Credential manager and others. Run each one (blue + on the menu bar) and see what it tells you. It tells me lots but not everything.

Looking up passwords for Windows users requires rainbow tables which can take a long time to build (e.g. 7 or 8 days for the 5 NTLM Alpha Numeric Space tables).

... Thinkpads_User
0
 

Author Comment

by:Indyrb
Comment Utility
I did do that -- but it rever revealed anything about the web passwords. and firefox\Mozilla isn't even in the list...

On the wireless on it did detect my SSID and my password, but I was cusrious to to get the password of other SSIDs

But as mentioned I was wondering if there was a tool to go deep into the system and recover web passwords for browsers ie and firefox -- not astricks.. they just used it... Trying to recover my password for my known user id.. only old computer successfully went and logged onto site.
0
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 144 total points
Comment Utility
As I noted, it depends on what Cain can find. I use IE and Cain found more of my stuff than you seem to have found. Make sure you look at each item.

For local userid passwords you need the rainbow tables.

If you know the admin id, you can change userid passwords by brute force using Windows user manager.

... Thinkpads_User
0
 
LVL 30

Assisted Solution

by:mtz1of4
mtz1of4 earned 284 total points
Comment Utility
If you are logged into the user account that is running firefox, open firefox, go to Tools->Options->Privacy (or Security)->Passwords
There should be a Show Passwords button. Click it, hit yes to warning and it should now display those passwords it had stored.
0
 
LVL 30

Assisted Solution

by:mtz1of4
mtz1of4 earned 284 total points
Comment Utility
If there is no Show Passwords option, what version is Firefox? that option has been in there for many years.
0
 

Author Comment

by:Indyrb
Comment Utility
It showed the user name. But password wasn't populated.
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 

Author Comment

by:Indyrb
Comment Utility
Any other recommeneded hacking tools...

I will get the firefox version momentarly...

There is the option of saved passwords, and for the site the username is there.

But all of us that use the computer never click the check box that says remember password or remember me.... We know its stored somewhere, perhaps in dantes levels of hell, and its driving us nuts, since the email address expired... so any tools at all...
0
 
LVL 30

Assisted Solution

by:mtz1of4
mtz1of4 earned 284 total points
Comment Utility
Since the email address expired and you can't get it back, you may have to contact the website directly and ask them how you can recover the password without access to the older email. You mentioned in the original post
do you wish to register and create an new account with this name...
Have you tried creating a new account with the exact same name? if you can, then you request the reset of the password from the site.

I guess the password MIGHT be stored in a cookie, but if you are using Firefox and it takes you directly to the page that requires a log-in and it logs you in, then it must be stored.

What is the name of the site you are trying to log into?
0
 

Author Comment

by:Indyrb
Comment Utility
It was version 21.0 firefox
when I clicked help about -- it upgraded to 25.0

downloaded and installed nirsoft tools, from ie, webbrowser, and firefox recovery and none worked.
0
 

Author Comment

by:Indyrb
Comment Utility
What are the best hacking /forensic tools.
0
 
LVL 30

Assisted Solution

by:mtz1of4
mtz1of4 earned 284 total points
Comment Utility
This is a windows xp machine, correct?  And  internet explorer password did not give you any results?  Or didn't give you the results for the website you are trying to log into?
And since you are logged in to machine with admin rights, how many Other user accounts are there on this machine?  is this a standalone machine or part of a domain?
0
 

Author Comment

by:Indyrb
Comment Utility
Windows 7 x64
no doesn't look like IE was used at all.
We only use one accout for all family memembers (local to windows)
This is a standalone PC (@ home)

We just don't use this pc that ofter, in preference of new faster one....

But this is the machine that logged in to the websites... so trying to pull possible save password or etc.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 72 total points
Comment Utility
I would install lastpass and it can import the saved passwords from the browsers. It isn't a hacking tool at all, but it will do what you need.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now