Dictionary attack
From Wikipedia: “A dictionary attack uses a targeted technique of successively trying all the words in an exhaustive list called a dictionary (from a pre-arranged list of values). In contrast with a brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words for example a dictionary (hence the phrase dictionary attack). Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries or simple, easily predicted variations on words, such as appending a digit. However these are easy to defeat. Adding a single random character in the middle can make dictionary attacks untenable.”
Cracking passwords by Dictionary attack using Cain and Abel:
To perform dictionary attack for cracking passwords by using cain and abel first you will import the NTLM hashes. Then in cracker tab you find all imported username and hashes. Select desired user and follow the steps
- Right click on the user
- Select dictionary attack
- NTLM hashes
New window will be popup- Right click on top blank area.
- Add to list
- Browse dictionary or wordlist file
- Click on the start
it checks all the entries into dictionary when hashes matched it will stop the attack. You will find your result. If pass phrase is not into dictionary then you will be unable.