This tutorials teaches you how to sniff a password file from a windows network.
1. Download, install and run Cain & Abel at http://www.oxid.it/cain.html
2. Click “Configure” in the top bar.
3. In the “Sniffer” tab, click the adapter which is connected to the network to be sniffed, then click “Apply”, then “OK”.
4. Click the “Sniffer” tab in the main window.
5. Click the network card in the top bar (2nd icon from the left).
6. Click the “+” button in the top bar.
7. Select “All hosts in my subnet”, click “OK”. Entries should appear in the main window under the “IP address”, “MAC address” and “OUI fingerprint” headings.
8. From the “Sniffer” tab, click “APR” in the bottom tab.
9. Click the top right pane in the main window. Click the “+” button in the top bar.
10. Click on the router in the left pane. The router is generally the entry which has the lowest final IP value (xxx.xxx.xxx.*). Highlight the IP addresses to sniff in the right pane. Click “OK”.
11. Click the ARP icon in the top bar (3rd icon from the left). Wait until other users have logged into websites on other computers. Depending on the size of the network and the traffic which this network receives, this can range from minutes to hours.
12. After some time has passed, click “Passwords” in the bottom tab.
13. In the left pane, select the bolded entries. The right pane should show the time, server, username, password (in plaintext) and site accessed.