Solved

Cain and Able, wireshark, wireless, etc.

Posted on 2013-10-24
16
588 Views
Last Modified: 2013-11-18
Anybody Cain and Able or ethical hacking experts.

I have a computer that hasn't been used in awhile, but is available.
We generally use the new PC as its better..

We know the admin password of the local account and get logged on.
We have online accounts that we use all the time (new PC). no problem. easy right.
Well we forgot passwords to some of the rare sites we used to use... so just change password right -- well the email address associated with the userid is no longer being used, so if a password request link was sent, we don't even know where it would send too. esecpially in the case where it was a yahoo.com account that sat unused for years, so it deleted/deactivated it. tryied to log into yahoo, with believed account and it looks like it has been repurposed or in another example this account is available, do you wish to register and create an new account with this name...

Alright, getting of base here -- the issue is that the old pc has visted these sites, has logged on, even has the userid email address cached, which sent me down the road of yahoo validation,,, but since they retried and password reset link isn't available -- I want to see if I can hack the old computer and find out all the passwords used for the sites and logon id for the given account... Both brousers were used.. Firefox/Mozilla and IE.. I am not 100% certain on version, but since its the old barely used computer, I am guesing its an older version since patches are routinely installed.  I thought the firefox would be easy retrieval since it has the option -- security tabe, search site, lookup password. but no password.
even tried the password type = text thingy I read.   In these examples it reports that there is hidden atrecks in the password filed prepolulated or cached, and you just want to know what they are... Well there isn't any dots or astricks.. it has the username, but not a chached password.

I thought all this stuff is stored somewhere. Even poked around IE... but nothing promising there either...
So googled some more, and they talked about cain and able, and other stuff.

I installed but it was (1) quiet confusing, (2) not sure what the heck Im doing, (3) other interesting options and stuff were available from app,  but wondering how I can expand what it reports.

My main focus and question is just trying to retriev password hidden someone on the old pc...

But as secondary curious questions, what other apps and tools are used. most recommended and trusted, and if using cain and able.. I saw where it can scan for local accounts and it showed the password, which is cool.. not that we needed it, cuz we already know it... but how can this be scanned against perhaps another computer..

Additionally, the old pc, was a wireless adapter that connects to the wireless router/modem... The router has a sid that we know... sweet. I saw a tab that says it can scan the wep and wpa and wireless ap and retireve the passwords... and do you know what,. it did... awesome... but it only showed the wireless SSID password I was connected to.. I was curious if this tool could be used to sniff out the password of another wireless network that is broadcasting its SSID, has signal, but has security wep or wpa enabled. wireless sees it, but doesn't report its password.. why?  how do you make it do this?

Just curious?  I am assuming that it is not connected, but if it was connected, it would already know the pass phrase. so reporting the SSId password of a network you are already connected to is irrelevant since you already know the password...

Again, just trying to understand and learn about the tool. got confused, googled. looked at docs. but made my confusion worse. so reaching out to the experts.

And maybe Cain and Able isn't the tool to use.. then what is...
This is only ethical hacking --- nothing mischievious nor miliessious, always been interested in the stuff.

hmmmmm
0
Comment
Question by:Indyrb
  • 6
  • 4
  • 2
  • +1
16 Comments
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 144 total points
ID: 39599138
I have Cain V 4.9.46 and WinPcap V4.1.3 running on my Windows 7 Desktop.

Get Cain from www.oxid.it, download and install it. Installing it will install WinPcap as well.

Run it and look down the left side. You see Wireless Password, IE passwords, WLM passwords, Credential manager and others. Run each one (blue + on the menu bar) and see what it tells you. It tells me lots but not everything.

Looking up passwords for Windows users requires rainbow tables which can take a long time to build (e.g. 7 or 8 days for the 5 NTLM Alpha Numeric Space tables).

... Thinkpads_User
0
 

Author Comment

by:Indyrb
ID: 39599187
I did do that -- but it rever revealed anything about the web passwords. and firefox\Mozilla isn't even in the list...

On the wireless on it did detect my SSID and my password, but I was cusrious to to get the password of other SSIDs

But as mentioned I was wondering if there was a tool to go deep into the system and recover web passwords for browsers ie and firefox -- not astricks.. they just used it... Trying to recover my password for my known user id.. only old computer successfully went and logged onto site.
0
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 144 total points
ID: 39599211
As I noted, it depends on what Cain can find. I use IE and Cain found more of my stuff than you seem to have found. Make sure you look at each item.

For local userid passwords you need the rainbow tables.

If you know the admin id, you can change userid passwords by brute force using Windows user manager.

... Thinkpads_User
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 
LVL 30

Assisted Solution

by:Marc Z
Marc Z earned 284 total points
ID: 39599917
If you are logged into the user account that is running firefox, open firefox, go to Tools->Options->Privacy (or Security)->Passwords
There should be a Show Passwords button. Click it, hit yes to warning and it should now display those passwords it had stored.
0
 
LVL 30

Assisted Solution

by:Marc Z
Marc Z earned 284 total points
ID: 39599922
If there is no Show Passwords option, what version is Firefox? that option has been in there for many years.
0
 

Author Comment

by:Indyrb
ID: 39601267
It showed the user name. But password wasn't populated.
0
 

Author Comment

by:Indyrb
ID: 39610132
Any other recommeneded hacking tools...

I will get the firefox version momentarly...

There is the option of saved passwords, and for the site the username is there.

But all of us that use the computer never click the check box that says remember password or remember me.... We know its stored somewhere, perhaps in dantes levels of hell, and its driving us nuts, since the email address expired... so any tools at all...
0
 
LVL 30

Assisted Solution

by:Marc Z
Marc Z earned 284 total points
ID: 39615354
Since the email address expired and you can't get it back, you may have to contact the website directly and ask them how you can recover the password without access to the older email. You mentioned in the original post
do you wish to register and create an new account with this name...
Have you tried creating a new account with the exact same name? if you can, then you request the reset of the password from the site.

I guess the password MIGHT be stored in a cookie, but if you are using Firefox and it takes you directly to the page that requires a log-in and it logs you in, then it must be stored.

What is the name of the site you are trying to log into?
0
 

Author Comment

by:Indyrb
ID: 39616919
It was version 21.0 firefox
when I clicked help about -- it upgraded to 25.0

downloaded and installed nirsoft tools, from ie, webbrowser, and firefox recovery and none worked.
0
 

Author Comment

by:Indyrb
ID: 39616923
What are the best hacking /forensic tools.
0
 
LVL 30

Assisted Solution

by:Marc Z
Marc Z earned 284 total points
ID: 39618608
This is a windows xp machine, correct?  And  internet explorer password did not give you any results?  Or didn't give you the results for the website you are trying to log into?
And since you are logged in to machine with admin rights, how many Other user accounts are there on this machine?  is this a standalone machine or part of a domain?
0
 

Author Comment

by:Indyrb
ID: 39621905
Windows 7 x64
no doesn't look like IE was used at all.
We only use one accout for all family memembers (local to windows)
This is a standalone PC (@ home)

We just don't use this pc that ofter, in preference of new faster one....

But this is the machine that logged in to the websites... so trying to pull possible save password or etc.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 72 total points
ID: 39637059
I would install lastpass and it can import the saved passwords from the browsers. It isn't a hacking tool at all, but it will do what you need.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question