Password cracking techniques by Cain and Abel
Hello Friends, Welcome again!
In the last post Cain and Abel software for cracking hashes you have read about basics of Cain and Abel, and in the end of post I write about password cracking. When the cain captures some password hashes it sends to cracker tab automatically. When you gets password hashes you can use many Password cracking techniques by Cain and Abel Software.
Right click on the desired user name, you want to obtain password. As you right click on the username you will find all possible techniques for cracking password.
There are mostly three techniques to crack the password
Dictionary attack
Dictionary attack is a type of attack, in which Attacker uses a word list contain lots of words or possible passwords. Tools checks login credential with every word from list. if the password is consist in the word list, attacker get success if not, he fails. This attack can be performed by Cain and abel further more detail Dictionary attack For Cracking passwords using Cain and Abel This tool checks all the entries into dictionary (wordlist) when hashes got match it will stop the attack. and attacker will find his result. If passphrase is not into dictionary then you will be unable.
Brute force attack
Brute force attack attempt to get access by trying different password words, or letter ( alphabet, number and symbol). In simple attack may have a dictionary with common used password with in software. another hand complex attack uses every key combination ( alphabet, number and symbol) for finding correct password.
it can take several hours, days,months and year for success depends on password and encryption complexity.
For more detail Brute Force Attack for Cracking Passwords using Cain and Abel
Cryptanalysis attack (Using Rainbow Table)
Using rainbow table attacker can crack 14 character long password within 160 second. It is much faster than dictionary attack and brute force attack Rainbow table is dictionary stored plain text password and encrypted password hashes we can say it is pre compiled and pre calculated hashes.
In this process tools matches hashes with rainbow table. If matched, it shows in plain text. other wise failed in process. you can generate your own rainbow table using winrtgen
More detail: Rainbow Tables Attack (Cryptanalysis attack) and winrtgen
Conclusion
Cain and Abel is a powerful tool that does a great job in password cracking. It can crack almost all kinds of passwords, and it’s usually just a matter of time before you get it.