Module 1: BSWJ: Cain & Abel
Teaching Assistants George Mcpherson Vikramajeet Khatri
Using the Cain and Abel Password-Cracking Tool
Cain and Abel is a password-cracking tool for Microsoft Windows that is used globally by gathering information from a wide range of sources. This tool is able to recover many passwords using various methods. Most commonly, the methods used are brute force attack, dictionary attack, and cryptanalysis attack. However, Cain and Abel also utilizes the following methods when necessary:
- Sniffing the network
- Recording VoIP conversations
- Recovering wireless network keys
- Decoding scrambled passwords
- Uncovering cached passwords
- Revealing password boxes
- Analyzing routing protocols
Cain and Abel utilizes dictionary lists as the basis for recovering passwords. It uses brute force attacks by trying unique passwords at a high speed and decoding data that is stored on the hard drive, the package tries to determine the right password. Cryptanalysis attacks are done using rainbow tables which can be created with the winrtgen.exe program that is provided with the Cain and Abel tool.
The most recent version of the Cain and Abel software is quicker and has various new features like ARP Poison Routing (APR) which is used to strike into a LAN orchestrate, by sniffing into any related orchestrate and examining high security traditions like ssh1 and https. The sniffer in this version is also able to capture credentials from multiple authentication mechanisms.
Cain and Abel was developed primarily for security professionals and network administrators, but it’s also a useful tool for penetration testers, teachers, security consultants, forensic staff, and security software vendors.
Why Use the Cain and Abel Password Recovery Tool?
There are several reasons that the Cain and Abel password recovery tool should be in your IT security toolbox. First and foremost, if you forget an essential password, and do not have a password reset capability, then Cain and Abel can be used to recover the password for you. Here are some additional reasons to use Cain and Abel:
- It’s free, with no hidden charges at all.
- It includes various password-cracking methods.
- Recovering simple passwords is quick and easy.
- You can use Cain and Abel to test the strength of your password policies to help you provide added password security.
- It works with Windows XP, old NT, and Windows 2000.
For more information about the Cain and Abel password recovery tool, and to learn to use it, check out our How to Use Cain & Abel tutorial. The class provides you with all the information you need to recover crucial passwords.
(Disclaimer: Breaking Stuff with Joe is a Cybrary series that will be running indefinitely. You will not earn CEU/CPE hours by watching any individual 'Breaking Stuff with Joe' episode. However, you can still earn a certificate of completion for each episode completed.)