Cain and Abel is a password hacker tool for Microsoft Windows and very helpful in this aspect and usable for all users. Download full version of the tool from this site.
Cain and Abel Review
Facebook, Twitter, YouTube,Tumblr,Pinterest these are all digital platforms that we use to store pieces of ourselves making up our online identity; who we are and how do we protect this valuable information that’s so vital to our existence.
Now you’re going to see how easy it is to crack simple passwords like these all computer programs and websites that require a password to log in store those credentials in some type of database and we’re sure you’ve heard or read about some big online companies whose user databases have been hacked or stolen and innocent people’s passwords revealed.
How does this happen? What’s through a hacking process known as sequel injection, where hackers can exploit flaws and coding designs to gain access to a database. But we’ll cover sequel injection another time to add a bit more secure passwords aren’t stored in a database as is or in plain text instead, most programs now use some type of encryption method to convert the password to some type of a very gibberish also known as a hash before storing it. So even if someone breaks into the database they won’t immediately have your password all they’ll have is gibberish some of the most popular types of hashing algorithms are NTLM which is used by windows md5 to see a couple of these in action.
You can visit this website and then just enter in a string to see what each algorithm converts it to but as we’re about to show you even these hashes are hackable. If you’re able to get your hands on a password hash through sequel injection or otherwise then you can use special software to reverse the encryption and find the password one of the more popular types of password cracking programs is Cain and Abel which you can download from here. Once it’s installed and launched you’ll see tons of different hacking tools. But the one we’re going to focus on is under the cracker tab which is used for cracking passwords on the left you’ll see a list of different types of hashing algorithms let’s select NTLM hashes. For example which is what windows uses to encrypt passwords to import hashed passwords click on the plus sign and select the first option to import hashes from all the users on your current computer otherwise you can import hashes from a text file or a database file and then click Next a list of all the accounts on the system will pop up.
Our area of interest will be the NT password column if it says empty that means there isn’t a password on the account if it’s blank then it has a password so right click on the account that you wish to crack and it will give you different cracking options dictionary brute-force and cryptanalysis attacks a dictionary attack reads from a list of presets passwords to try. If you go to this website you can download a list of the 10,000 most commonly used passwords and then select the dictionary attack and Cain and Abel choose NTLM hashes and then right click in the dictionary box to add this file to your list. When you click to start the program will cycle through the list of passwords and convert them to the NTLM hash to see if it matches the hash in the database. If it finds a match it will then display what the password is the speed at which this process completes depends on the speed of your computer.
The dictionary attack is the fastest way to crack a password but only if it’s in the list if it’s not the next fastest way is through a method called weak force. Brute force is essentially a method of trying all possible combinations of letters numbers and/or symbols and then hashing them until it finds a matching combination this is where the complexity of your password really pays off on average more than half the passwords on the Internet are lowercase letters and six characters in length on i7 laptop with 16 gigabytes of RAM that only takes 30 seconds to crack.
So if that’s you and someone breaks into LinkedIn or Twitter’s databases you’re screwed to use brute force and Cain and Abel right-click on the user select brute force and then select NTLM hashes and it will bring up a new window with criteria regarding the password complexity. As you can see adding just one number to your password raises the crack time to four minutes adding a number in uppercase letters takes more than an hour then throwing a symbol into the mix bumps it up to about five hours. Still, this is a very short amount of time when it comes to your security. But if you include all those characters and then increase the length of your password to say ten the time to crack it increases exponentially, in this case, it’ll take about eighteen thousand years.
Now that’s more like it brute force is the most common means of password cracking but there’s a third option called cryptanalysis which is simply the study of cryptography to see if it can be breached this method of cryptanalysis uses what’s called rainbow tables. Without getting overly complicated a rainbow table can be a long string of millions of hashes then the rainbow table will take a smaller pattern within the original hash known as a reduction function. And search for that instead of searching for the entire hash the benefit to this is that it can be a lot faster assuming you have enough memory to store all the hashing functions and you can find rainbow tables to use by searching for them on Google so with that you now have three different options to try and crack other hashing algorithms what are your thoughts on password cracking is it evil can it be useful.
Cain and Abel Features
- Simple Configuration allows you to use this software with ease without facing any complication.
- Wireless packet injection boosts packet capture speed useful for catching data.
- Decoding is done by packed data that decodes the password.
- Uncovers cached passwords by decoding and uncovering boxes of data.
- WEP Cracking and ARP Spoofing are available in Cain and Abel.
- It quickly resolves issues between IP and Mac addresses.
- The Software cracks hashes of LM, NTLM V1, 2, Microsoft hashes and tons of other hashes too.
- Cain and Abel greatly record VoIP conversations.
Cain and Abel Specifications
Release April 2014
Operating System Windows7,8,8.1,10
Software Type Password Cracking
HDD Space 10 MB min.
Drivers Winpcap Packet Driver and Airpcap Packet Driver
Cain and Abel Download
Cain and Abel is the modern password hacking tool designed for Microsoft Windows. Download this awesome software from the link in the description.