>sort of MITM attack
Arp poisoning? Cain and Able
> with/out encrypting the flow
Without "de" crypting?
I did this once, Arp poisoned with Cain and Able(free) and I
had Give Me
Too(free) running(captures IM, pop3, http, ftp, and other
info)
I was simply using this combo to sniff traffic. Interesting
enough, Give
Me Too was capturing pieces of a webconference from one pc.
I got some
side bar chat and some of the rendered pages.
Sorry, I dont remember which Web Conferencing application it
was though.
But that combination will capture some of the session. Maybe
enough to
prove a point.
Even though the program will say that this folder contains
AIM data and
this one has MSN data, etc,etc, Look in those folders
anyway, as there
may be some interesting captures there also.
I have seen Yahoo chat logged into the Telnet capture
section of Cain
and Able. Funky eh?
Robert L. Dixon, C|HFI
State of West Virginia's
West Virginia Office of Technology
Infrastructure Applications
Netware/GroupWise Administrator
------------------------------------------
If you spend more on coffee than on IT security, you will be
hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
>>> "MARTIN Benoni"
<benoni.martin arcelor.com> >>>
Hi list !
I was wondering if someone has any experience in hacking a
webconference
over the web (sort of MITM attack, with/out encrypting the
flow).
I'm currently working on a such a project, so any feedback,
clue, ...
will be highly appreciated !
Thanks in advance folks !
------------------------------------------------------------
-------------
Sponsored by: Watchfire
Watchfire named worldwide market share leader in web
application
security
assessment by leading market research firm. Watchfire's
AppScan is the
industry's first and leading web application security
testing suite, and
the only solution to provide comprehensive remediation tasks
at every
level of the application. See for yourself.
Download a Free Trial of AppScan 6.0 today!
https://www.watchfire.com/securearea/apps
cansix.aspx?id=701300000007t9c
------------------------------------------------------------
--------------
------------------------------------------------------------
-------------
Sponsored by: Watchfire
Watchfire named worldwide market share leader in web
application security
assessment by leading market research firm. Watchfire's
AppScan is the
industry's first and leading web application security
testing suite, and
the only solution to provide comprehensive remediation tasks
at every
level of the application. See for yourself.
Download a Free Trial of AppScan 6.0 today!
https://www.watchfire.com/securearea/apps
cansix.aspx?id=701300000007t9c
------------------------------------------------------------
--------------
|