One of my favorite password recovery tools for Windows has to be Cain & Abel. C&A is not your typical local machine password cracker but a network password recovery tool. On today's show, I'll show you how C&A works.

C&A combines actual brother applications: Cain recovers the passwords and Abel pulls off the brute force attacks. C&A is different from other password crackers because it acts as a sniffer to intercept and crack passwords in real-time.

Yeah, yeah, you've heard this before right? Well, here are more features.

• C&A is fast and contains APR (ARP poison routing), which enables sniffing on switched LANs by hijacking IP traffic of multiple hosts at the same time.
  
• The sniffer can also analyze encrypted protocols such as SSH-1 and HTTPS if used with APR and a man-in-the-middle situation.
  
• Ships routing protocols authentication monitors and routes extractors, crackers for all common hashing algorithms and for other various specific authentications.
  
• Works on password calculators, decoders, and the following utilities.
  • Cisco Config Downloader/Uploader
  • SiD-Scanner
  • LSA Secrets Dumper
  • Protected Storage Passwords Viewer
  • NT Hash-Dumper (works with Syskey enabled)
  • Abel Remote Console
  • MAC Scanner
  • Promiscuous-Mode Scanner
  • TCP/UDP/ICMP Traceroute + DNS Resolver + Netmask Discovery + WHOIS resolver (extracts information from RIPE's database)

I love the ARP cache poisoning feature. It will poision the cache of any host with a false ARP entry allowing it to foward traffic to the destination machine. Leran more about ARP cache poisoning.

This app has a great user interface and works amazingly well. Best of all, it's completely free.

Download Cain & Abel

Questions or comments?

Send me email or visit my forums.