2008. 11. 11. 13:44

Cain & Abel Installation


해당 글은 Cain & Abel 의 내용중 메뉴얼을 참고한 내용의 글입니다.

설치 요구사항
- 10Mbte 하드디스크.
- M/S Windows 2000 이상.
- WinPcap 패킷 드라이버 (V2.3 또는 상위 ArpPcap 어댑터 WinPcap 버전 4.0)에서 지원.

설치 파일.
- Cain.exe [주요 실행 프로그램]
- Cain.exe.sig [파일 Cain.exe의 저자의 PGP로 서명]
- CA_UserManual.chm [이 파일]
- Abel.exe [Windows 서비스 아벨라는 실행 파일]
- Abel.exe.sig [파일 Abel.exe의 저자의 PGP로 서명]
- Abel.dll [프로그램에 필요한 DLL 파일]
- Abel.dll.sig [파일의 저자의 PGP 서명 Abel.dll]
- Uninstal.exe [제거 프로그램]
- Wordlist.txt [작은 단어 목록 파일]
- Install.log [설치 패키지의 로그 파일]
- Whatsnew.txt [버전 사이의 차이점]
- oui.txt [MAC 주소에 대한 공급 업체의 정보가 들어있는 목록 파일]
- <Installation Dir> \ winrtgen \ winrtgen.exe [Winrtgen - Windows 유틸리티 레인보우 테이블을 생성]
- <Installation Dir> \ winrtgen \ winrtgen.exe.sig [파일 winrtgen.exe의 저자의 PGP로 서명]
- <Installation Dir> \ winrtgen \ charset.txt [winrtgen.exe 예로 케인의 cryptanalysis 공격에 대한 정의와 
                              문자가 포함된 파일]
- <Installation Dir> \ 드라이버 \ WinPcap_4_0_1.exe [Winpcap 드라이버의 원래 배포 패키지]


Abel 설치
Abel 은 두개 파일은 Windows NT 서비스로 구성되어 있습니다. "Abel.exe" 와 "Abel.dll" 설치 패키지를 하여 프로그램이 시스템에 자동 인스톨 됩니다.

만약 서버상의 해킹으로 인하여 Cain 폴더가 다음 경로 "C:\Program Files\Cain" 에 있다면, 다음 래시스트리와 종속성을 참고하시기 바랍니다.

HKEY_CURRENT_USER\Software\Cain registry key



종속성
Cain.exe에 의존하거나 다음 라이브러리
: Abel.dll, Crypt32.dll, Pstorec.dll, Kernel32.dll에서, Advapi32.dll, Comctl32.dll, Comdlg32.dll, Gdi32.dll, Iphlpapi.dll, Mpr.dll 필요 , NetApi32.DLL을, Odbc32.dll,은 Ole32.dll, Oleaut32.dll을, Packet.dll (Winpcap)가 Rasapi32.dll, Rpcrt4.dll, Shell32.dll에서, User32.dll을, Wpcap.dll (Winpcap), Airpcap.dll (AirPcap), Ws2_32.dll, Wsnmp32.dll.

Abel.exe에 의존하거나 다음 라이브러리 : Abel.dll, Kernel32.dll에서, Advapi32.dll, Iphlpapi.dll, User32.dll을, Ws2_32.dll이 필요합니다.

Abel.dll에 의존하거나 다음 라이브러리 : Lsasrv.dll, Kernel32.dll에서, Advapi32.dll, User32.dll을, Samsrv.dll이 필요합니다


Cain 설치시 아래와 같은 파일 프로그램에 의해 설치/디렉토리를 만들게 됨을 참고하시기 바랍니다.

Cracker
- APOP-MD5.LST [contains a list of credentials of type APOP-MD5]
- CRAM-MD5.LST [contains a list of credentials of type CRAM-MD5]
- PIX-MD5.LST [contains a list of credentials of type Cisco PIX]
- IOS-MD5.LST [contains a list of credentials of type Cisco IOS]
- PWLS.LST [contains a list of PWL files and relative credentials]
- NTLMv2.LST [contains a list of credentials of type NTLMv2]
- LMNT.LST [contains a list of credentials of type LM & NTLMv1]
- CACHE.LST [contains a list of credentials of type MS-CACHE]
- OSPF-MD5.LST [contains a list of credentials of type OSPF-MD5]
- RIP-MD5.LST [contains a list of credentials of type RIPv2-MD5]
- VRRP-HMAC.LST [contains a list of credentials of type VRRP-HMAC]
- VNC-3DES.LST [contains a list of credentials of type VNC Triple DES]
- MD2.LST  [contains a list of hashes of type MD2]
- MD4.LST [contains a list of hashes of type MD4]
- MD5.LST [contains a list of hashes of type MD5]
- SHA-1.LST [contains a list of hashes of type SHA-1]
- SHA-2.LST [contains a list of hashes of type SHA-2]
- RIPEMD-160.LST [contains a list of hashes of type RIPEMD-160]
- K5.LST [contains a list of credentials of type Ms-Kerberos PreAuth]
- RADIUS_SHARED_HASHES.LST [contains a list of credentials of type RADIUS PreShared Key]
- IKEPSKHashes.LST [contains a list of credentials of type IKE-PSK]
- MSSQLHashes.LST [contains a list of credentials of type Microsoft SQL]
- MySQL.LST [contains a list of credentials of type MySQL]
- ORACLE.LST [contains a list of credentials of type ORACLE]
- 80211.LST [contains a list of 802.11 capture files]
- SIPHASHES.LST  [contains a list of hashes used in SIP protocol]
- TOKENS.LST [contains a list of RSA token serial numbers and seeds]
- WPAPSK.LST [contains a list of hashes of type WPA-PSK]

Sniffer
- HOSTS.LST [contains a list of host's information such as MAC address, IP address, Hostnames]
- APR.LST [contains a list of hosts to be used in APR]
- DRR.LST [contains a list of host names and IP addresses to be used by APR-DNS]
- SSH-1.LST [contains references to files generated by SSH-1 sniffer filter]
- CERT.LST [contains references to certificate files to be used by APR-HTTPS]
- HTTPS.LST [contains references to files generated by APR-HTTPS sniffer filter]
- FTPS.LST [contains references to files generated by APR-FTPS sniffer filter]
- IMAPS.LST [contains references to files generated by APR-IMAPS sniffer filter]
- LDAPS.LST [contains references to files generated by APR-LDAPS sniffer filter]
- POP3S.LST [contains references to files generated by APR-POP3S sniffer filter]
- RDP.LST [contains references to files generated by APR-RDP sniffer filter]
- FTP.LST [contains a list of credentials captured by FTP sniffer filter]
- HTTP.LST [contains a list of credentials captured by HTTP sniffer filter]
- IMAP.LST [contains a list of credentials captured by IMAP sniffer filter]
- POP3.LST [contains a list of credentials captured by POP3 sniffer filter]
- SMB.LST [contains a list of credentials captured by Server Message Block sniffer filter]
- TELNET.LST [contains references to files generated by Telnet sniffer filter]
- VNC.LST [contains a list of credentials captured by VNC sniffer filter]
- TDS.LST [contains a list of credentials captured by TDS (Tabular Data Stream) sniffer filter]
- SMTP.LST [contains a list of credentials captured by SMTP sniffer filter]
- NNTP.LST [contains a list of credentials captured by NNTP sniffer filter]
- KRB5.LST [contains a list of credentials captured by MS-Kerberos5 sniffer filter]
- DCERPC.LST [contains a list of credentials captured by DCE/RPC sniffer filter]
- RADIUS.LST [contains a list of pre shared keys captured by RADIUS sniffer filter]
- RADIUS_USERS.LST [contains a list of user's credentials captured by RADIUS sniffer filter]
- ICQ.LST [contains a list of credentials captured by ICQ sniffer filter]
- IKE-PSK.LST [contains a list of pre shared keys captured by IKE sniffer filter]
- MySQL.LST [contains a list of credentials captured by MySQL sniffer filter]
- SNMP.LST [contains a list of community strings captured by SNMP sniffer filter]
- VoIP.LST [contains a list of VoIP conversations captured by SIP/RTP sniffer filter]
- WPAPSKAUTH.LST [contains a list of credentials captured by WPAPSK sniffer filter]
 
Other files
- RT.LST [contains the list of Rainbow Tables to use during Cryptanalysis attacks]
- QLIST.LST [contains hosts of the quick list in the Network Tab]
- CCDU.LST [contains information about Cisco Config Downloader/Uploader View]
- HTTP_USER_FIELDS.LST [contains a list of user name fields to be used by the HTTP-FORM and
TTP-COOKIE sniffer filter]
- HTTP_PASS_FIELDS.LST [contains a list of password fields to be used by the HTTP-FORM and  HTTP OOKIE sniffer filter
- DUMP.IVS [contains a list of WEP IVs in aircrack-ng's compatible format]
 
Subdirectories
- <Installation Dir>\Certs\ [contains fake certificate files (*.crt) to be used by APR SSL spoofing niffers]
- <Installation Dir>\HTTPS\ [contains session files captured by APR-HTTPS]
- <Installation Dir>\FTPS\ [contains session files captured by APR-FTPS]
- <Installation Dir>\POP3S\ [contains session files captured by APR-POP3S]
- <Installation Dir>\IMAPS\ [contains session files captured by APR-IMAPS]
- <Installation Dir>\LDAPS\ [contains session files captured by APR-LDAPS]
- <Installation Dir>\SSH-1\ [contains session files captured by APR-SSH-1]
- <Installation Dir>\Telnet\ [contains session files captured by Telnet sniffer filter]
- <Installation Dir>\VoIP\ [contains VoIP conversations captured by the sniffer and saved as WAV files]
- <Installation Dir>\CCDU\ [contains configurations files from Cisco devices]