Hello everyone, as it seems that a lot of you guys seem to be in high school and want to be like the "War Games" hackers I figured I'd write a tutorial on how to steal logins for online grading systems.
WHATTSAPP NUB +19784109286 for technical problems about your task or issue regarding hacking services.
Please remember to be careful with this information, this is not for you to use only to understand that this is a possibility Wink
Step One – Understanding Some Basics (Skip this if you don't care what's happening behind the scenes)
Now you've got to understand some basics about how computers communicate on a network (if you are familiar with this and have a general understanding of how TCP/IP works then skip this section as it is only for those who want to learn what's happening behind the scenes!)
I'll try to cut down on most information!
So basically every computer on a network has an IP address be it "192.168.1.101" or "10.0.0.10" that is your IP for your computer on your current network. This is your computer's "address" much like every house has a mailing address to receive postage!
So basically all the computers send information through the "router" or "switch" which passes it on out to the internet and vise versa. The router broadcasts it's address to every computer on the network and says "Hey everyone! I'm 192.168.1.1 and I'm your default gateway! Send all your requests through me and I'll serve you!" and all the computers happily send their requests through the router.
But what if someone lied about being a certain IP address?
In an ARP cache poising situation, this is exactly what a hacker would do.
Hacker's Computer: "Hey 192.168.1.1 (router)! I'm 192.168.1.100!"
Router: (Didn't ask, but accepts this information) "OK thank you I'll send future data your way!"
Hacker's Computer: "Hey user 192.168.1.100 (Vlictim)! I'm you're router!"
Vlctim's Computer: (Didn't ask, but accepts this information) "OK thank you I'll send my requests through you!"
Now the hacker has places himself in a very great position! He is now a "proxy" or a computer that both the router and the vlctim must push their information through.
So now if the vlctim wants to visit a webpage all of his data is sent through the hacker's computer and on to the router and vise versa.
The advantage here is now the hacker can read everything the user is doing online.
The main problem with this is that most sites that do "Online Grading" encrypt their data before sending it to the router so that this attack is thwarted.
Using software like "Cain & Abel" you can get around this problem. This is done by spoofing the SSL certificate for the vlctim, however this can not be done completely as the vlctim will get a "SSL certificate error" warning message. Luckily in the most used version of Internet Explorer this message is just a simple "blalla error, click here to continue" and most users just ignore this and click ok. Now they are connected to the website but you can still see what they are doing!
Congrads, you now (kinda) get how an ARP Cache Poising attack works & SSL Spoof attack.
Step Two – Starting out (If you skipped step one you're a bad person!)
A nice warning you'll be doing all this on a school computer, please be careful not to get caught (what if someone actually knows what you're trying to do?! Oh noes!)
No you're going to need to install Cain & Abel for doing this attack! This is a Windows hacktool with all sorts of fun built in!
Great! Now install the thing (I'm not going to hold your hand on this as it's really straightforward, just say yes to installing everything)
Eventually you install everything and you start up Cain, please be sure you've allowed it internet accept if Windows prompts you for it.