Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

RE: Cain a& Abel Question
From: "Cushing, David" <David.Cushing () hitachisoftware com>
Date: Wed, 21 May 2003 14:15:21 -0400
Pete,

What you are seeing is the result of a "man in the middle" style attack rather than a decoding of your SSL connection 
to the bank.

C&A is intercepting and forwarding your traffic due to the ARP poisoning.  Your browser negotiates an SSL connection 
with C&A.  C&A negotiates another SSL connection to the bank.  Then C&A is able to see all traffic in plaintext as it 
passes it along.

Browser <--ssl--> C&A (plaintext) <--ssl--> Bank

The program is not able to generate a proper certificate to hand your browser, though.  It is self signed and will not 
be trusted by your browser.  An alert should have popped up when you opened the page.  Did it?

Cain info: http://www.oxid.it/cain_faq.html
MiM info: http://www.sans.org/rr/threats/man_in_the_middle.php 
--
David


-----Original Message-----
I was reading thru the list and decided to give Cain & Abel a try...
it is a really powerful tool, I do have a question, I was running it
using the ARP poisoning from one of my test machines to my internet
gateway.. (Cisco 3600 series) I logged into my On-line 
banking account,
which is an SSL connection, and Cain & Abel picked up my username and
passsword as "Clear text"... I guess I am confused about this...
when I goto the site, it is an SSL site,it appears that the entire
session is SSL, and Cain & Abel is not doing any sort of 
"Cracking" and
if the software "Cain & Abel" is doing
some sort of sniffing, wouldn't it be encrypted via SSL?

 

---------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies
that are enforced to protect WLANs from known vulnerabilities and threats.
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:
http://www.securityfocus.com/AirDefense-pen-test
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]