Cain no longer working for MITM

the_hutchthe_hutch Banned Posts: 827
in Other Security Certifications
Its been a while, so I decided to simulate a MITM attack with Cain. Everything seems to be working, and I get confirmation that both sides have been successfully poisoned. But then when I try to access a HTTPS site from the victim system, I receive an error on the Cain interface indicating "Couldn't accept SSL certificate from the client." I investigated the problem on the oxid.it forums and apparently nearly everybody is having this problem recently. Unfortunately, nobody on there had a good answer as to why this is happening. Any thoughts?

Also, curious if anyone has used Ettercap recently for MITM. Wondering if its now having similar problems as well. I'll prolly test tomorrow. Its already too late tonight.

Here's the discussion if anyone is interested: oxid.it forum - View topic - Anyone else having HTTPS sniffing issues?
· Share on FacebookShare on Twitter

Comments

  • JDMurrayJDMurray Admin Posts: 13,091 Admin
    So this worked before, but now doesn't? Was there a new patch or release of Cain that might have broken something? Can you try it with an earlier release?
    Forum Admin at www.techexams.net
    --
    Credly
    LinkedIn
    Twitter
    · Share on FacebookShare on Twitter
  • the_hutchthe_hutch Banned Posts: 827
    JDMurray wrote: »
    So this worked before, but now doesn't? Was there a new patch or release of Cain that might have broken something? Can you try it with an earlier release?

    No...that's the weird thing...is its the same release that I've always used, installed right off of my EC-Council toolkit. At first I thought maybe something changed with my client-system browser to prevent this attack. But then I tried all of my browsers (Chrome, FireFox, Safari and even IE). No success on any of them. I have no idea why its not working anymore. icon_cry.gif

    I've never actually used Ettercap before...but time to learn I suppose.
    · Share on FacebookShare on Twitter
  • JDMurrayJDMurray Admin Posts: 13,091 Admin
    If its the same in all Web browsers then the answer is at a lower level. Maybe something was patched in Windows itself. Have a look through the listing of the updates for the past several Patch Tuesdays and see what might have changed that could account for the behavior. If you have a machine or VM with just Windows XP SP3 and no recent updates, HIDS, A/V, etc. installed, you might check if it works on that.
    Forum Admin at www.techexams.net
    --
    Credly
    LinkedIn
    Twitter
    · Share on FacebookShare on Twitter
  • the_hutchthe_hutch Banned Posts: 827
    Alright yeah...I'll give that a shot. I'll let you know if i have any success.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.