Dark Deal: Cain & Abel
By - Posted Jan 28, 2004
One of my favorite password recovery tools for Windows has to be Cain & Abel. C&A is not your typical local machine password cracker but a network password recovery tool. On today's show, I'll show you how C&A works.
C&A combines actual brother applications: Cain recovers the passwords and Abel pulls off the brute force attacks. C&A is different from other password crackers because it acts as a sniffer to intercept and crack passwords in real-time.
Yeah, yeah, you've heard this before right? Well, here are more features.
I love the ARP cache poisoning feature. It will poision the cache of any host with a false ARP entry allowing it to foward traffic to the destination machine. Leran more about ARP cache poisoning.
This app has a great user interface and works amazingly well. Best of all, it's completely free.
Download Cain & Abel
Questions or comments?
Send me email or visit my forums.
C&A combines actual brother applications: Cain recovers the passwords and Abel pulls off the brute force attacks. C&A is different from other password crackers because it acts as a sniffer to intercept and crack passwords in real-time.
Yeah, yeah, you've heard this before right? Well, here are more features.
- C&A is fast and contains APR (ARP poison routing), which enables sniffing on switched LANs by hijacking IP traffic of multiple hosts at the same time.
- The sniffer can also analyze encrypted protocols such as SSH-1 and HTTPS if used with APR and a man-in-the-middle situation.
- Ships routing protocols authentication monitors and routes extractors, crackers for all common hashing algorithms and for other various specific authentications.
- Works on password calculators, decoders, and the following utilities.
- Cisco Config Downloader/Uploader
- SiD-Scanner
- LSA Secrets Dumper
- Protected Storage Passwords Viewer
- NT Hash-Dumper (works with Syskey enabled)
- Abel Remote Console
- MAC Scanner
- Promiscuous-Mode Scanner
- TCP/UDP/ICMP Traceroute + DNS Resolver + Netmask Discovery + WHOIS resolver (extracts information from RIPE's database)
I love the ARP cache poisoning feature. It will poision the cache of any host with a false ARP entry allowing it to foward traffic to the destination machine. Leran more about ARP cache poisoning.
This app has a great user interface and works amazingly well. Best of all, it's completely free.
Download Cain & Abel
Questions or comments?
Send me email or visit my forums.
Comments
Add a Comment