1.Go to the configuration dialog to choose the device you would like to use. If your device is capable of promiscuous mode you can enable this but if it doesn’t you have to make sure this is disabled(Enable the tick).



2.First click the sniffer button and then the blue plus button. You can either scan a range or the whole subnet. Now click ok and cain will scan the network. A list of computers will be shown. You can right click on a host to resolve their host name. (I have removed the Mac address, on your scan it will show.) Now click on the APR sign at the bottom.



3.Now click in area 1. The blue plus sign at the top will appear. If you now click this “New APR poison routing” will appear. Click on of the hosts on the left and the other hosts on the right will appear. You can then click the second host on the right and click ok. (On the right you can also click more then host by using the shift button or Ctrl). Make sure you choose the correct hosts that you wish to watch. Click ok.



4.The new routing will appear in the table.



5.Now click the ARP button at the top next to the sniffer button.



6.The status of the entry will change to Poisoning.

7.In the bottom part you will start to get routings. What each one means please read in the help. The kind of routing you have will be indicated by coloured arrows.



8.If a password is typed into the machine that is on your APR list now for example http it will appear in the passwords tab. In the example the oxid forum is shown

Thanks a lot for this post. I found it useful :)

Regards
occasus

nice tutoria can but can you do me a favoure can you send me the soft cain-abel or to my mail innoppy@mail.com
thanks bro

Tery200006, you can download the software free from www.oxid.it
Cheers,
Lapstue

when i got New ARP position routing window i try to press ok but i got no thing

what is the problem here

hany prince

Please use the support forum for support request. The off-topic posts will be moved to the right forums.
Cheers to everybody,
Xev

Thanks mate :) !

If it doesnt work, what could be wrong. Could a firewall on the other computer block it? or a firewall on the router? How do i acctually intercept the signal that goes to the router? The other computer doesnt send it to me normally. I'm sorry I am just starting with cain and I am just testing it.

A firewall can be a problem and cause this not to work. Both on the router or on the machine.

Intercepting the siganl is done by cain. Once cain says poisoning the process of intercepting is carried out.

thank but i wonder how can i know what is the wireless master password of my net provider

please start a discussing in the support area and explain what you mean by wireless master password of your net provider.

Thanks

it would be helpful to some users if you didnt blot out the ip addresses..... people arent going to be able to attack you if you leave your network's ips displayed lol

I recently purchased a Draytek router. Before I had my Server connected directly to the internet and used ICS for the rest of the network via a hub.

After buying the Draytek, I found it impossible to record my SIP packets from the phone again - and I blamed the router!

This tutorial got it working again, and I now have automatic call recording! Thank you!

In fact, it's even better now! Before, Cain was recognising the REGISTER pings from the phone as a SIP call, and was saving 1kb wav files. I had to write a perl script to remove them.

Now the sniffer is working perfectly and grabbing REAL calls only! Cheers!

Please start a thread in the support forum. The mac address you are getting is that yours?

@Mods

I think it would be best if some of the tutorial posts like this one get locked because there will always be people that post here instead of the support forum

It's locked