Most used Password cracking techniques by Cain and Abel Software

Password cracking techniques by Cain and Abel

Hello Friends, Welcome again!

In the last post, Cain and Abel software for cracking hashes, you read about the basics of Cain and Abel, and at the end of that post I wrote about password cracking. When Cain captures password hashes, it sends them to the Cracker tab automatically. Once you have the password hashes, you can use several of the password cracking techniques that Cain and Abel provides.

Right-click the user name whose password you want to obtain. The context menu lists all the available techniques for cracking the password.

There are three main techniques for cracking the password:

Dictionary attack

A dictionary attack is a type of attack in which the attacker uses a word list containing many words or possible passwords. The tool checks the login credential against every word in the list. If the password is in the word list, the attacker succeeds; if not, the attack fails. This attack can be performed with Cain and Abel; for more detail, see Dictionary attack For Cracking passwords using Cain and Abel. The tool checks every entry in the dictionary (wordlist); when a hash matches, it stops the attack and shows the result. If the passphrase is not in the dictionary, the attack cannot recover it.

Brute force attack

A brute force attack attempts to gain access by trying different passwords built from letters, numbers and symbols. A simple attack may use a dictionary of commonly used passwords built into the software. A complex attack, on the other hand, tries every combination of characters (letters, numbers and symbols) to find the correct password.
It can take hours, days, months or years to succeed, depending on the complexity of the password and the encryption.

For more detail, see Brute Force Attack for Cracking Passwords using Cain and Abel.

Cryptanalysis attack (Using Rainbow Table)

Using a rainbow table, an attacker can crack a 14-character password within 160 seconds. This is much faster than a dictionary attack or a brute force attack. A rainbow table is a dictionary that stores plaintext passwords together with their password hashes; in other words, the hashes are precompiled and precalculated.
In this process the tool matches the hashes against the rainbow table. If a hash matches, the password is shown in plain text; otherwise the process fails. You can generate your own rainbow table using winrtgen.

More detail: Rainbow Tables Attack (Cryptanalysis attack) and winrtgen


Cain and Abel is a powerful tool that does a great job in password cracking. It can crack almost all kinds of passwords, and it’s usually just a matter of time before you get it.


Brute Force Attack for Cracking Passwords using Cain and Abel

Hello friends, Welcome again!

This article is part of the Penetration Testing Tutorial series, in the section on cracking passwords and hashes.

Brute force attack with Cain and Abel

In my previous post, Cain and Abel software for cracking hashes tutorial, you learned about the basic features of Cain and Abel. At the end of that post I wrote about cracking passwords and how to dump NTLM hashes from the local PC. After getting the password hashes, our next task is to crack the passwords using different techniques; a brute force attack is one of them. In this tutorial you will learn how to perform a brute force attack for cracking hashes with Cain and Abel.

Brute Force Attack Definition

From Wikipedia: “In cryptography, a brute-force attack, or exhaustive key search, is a cryptanalytic attack that can, in theory, be used against any encrypted data (except for data encrypted in an information-theoretically secure manner). Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It consists of systematically checking all possible keys until the correct key is found. In the worst case, this would involve traversing the entire search space.

The key length used in the cipher determines the practical feasibility of performing a brute-force attack, with longer keys exponentially more difficult to crack than shorter ones. A cipher with a key length of N bits can be broken in a worst-case time proportional to 2^N and an average time of half that. Brute-force attacks can be made less effective by obfuscating the data to be encoded, something that makes it more difficult for an attacker to recognize when he/she has cracked the code. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute-force attack against it.”

Cracking a password by brute force attack using Cain and Abel:

  1. Right-click the desired user.
  2. Select Brute-Force Attack.
  3. Click NTLM Hashes. A new window opens, where you need to set the following:
    1. Charset: choose either a predefined charset or a custom one, in which you can combine letters, numbers and symbols as you wish.
    2. Password length: define the minimum and maximum password length.
  4. Click Start.
  5. You will get the result.
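
How the Charset and Password length settings above determine the worst-case work of an exhaustive search, and therefore how much a password policy buys the defender. This is an added example, not code from the original post or from Cain and Abel; the guess rate and the two sample policies are constructed assumptions.

```python
import math
import string

# Character classes a password policy may allow (constructed for illustration).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": string.punctuation,
}

def search_space(classes, min_len, max_len):
    """Candidates an exhaustive search must cover in the worst case:
    the sum of |charset|^L for every length L in [min_len, max_len]."""
    size = len(set("".join(CLASSES[c] for c in classes)))
    return sum(size ** length for length in range(min_len, max_len + 1))

def equivalent_bits(space):
    """Key length N for which 2^N equals this search space."""
    return math.log2(space)

def seconds_to_exhaust(space, guesses_per_second, average=False):
    """Worst-case time, or the average case (half the space) if average=True."""
    work = space / 2 if average else space
    return work / guesses_per_second

def compare(policies, guesses_per_second):
    """Return (name, bits, worst-case days) per policy, weakest first."""
    rows = []
    for name, (classes, lo, hi) in policies.items():
        space = search_space(classes, lo, hi)
        days = seconds_to_exhaust(space, guesses_per_second) / 86400
        rows.append((name, round(equivalent_bits(space), 1), days))
    return sorted(rows, key=lambda row: row[1])

# Two constructed policies to compare.
POLICIES = {
    "12 mixed": (["lower", "upper", "digits", "symbols"], 12, 12),
    "6-8 lowercase": (["lower"], 6, 8),
}

if __name__ == "__main__":
    RATE = 1e9  # assumed guesses per second, not a measured figure
    for name, bits, days in compare(POLICIES, RATE):
        print(f"{name:15s} ~{bits} bits, worst case {days:.3g} days")
```
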
Cracking passwords by Dictionary attack using Cain and Abel

Dictionary attack For Cracking passwords using Cain and Abel

Dictionary attack

From Wikipedia: “A dictionary attack uses a targeted technique of successively trying all the words in an exhaustive list called a dictionary (from a pre-arranged list of values). In contrast with a brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words for example a dictionary (hence the phrase dictionary attack). Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries or simple, easily predicted variations on words, such as appending a digit. However these are easy to defeat. Adding a single random character in the middle can make dictionary attacks untenable.”

Cracking passwords by Dictionary attack using Cain and Abel:

To perform a dictionary attack for cracking passwords with Cain and Abel, first import the NTLM hashes. The Cracker tab then lists all imported usernames and hashes. Select the desired user and follow these steps:

  1. Right-click the user.
  2. Select Dictionary Attack.
  3. Select NTLM Hashes. A new window pops up.
    1. Right-click the blank area at the top.
    2. Select Add to list.
    3. Browse to the dictionary or wordlist file.
  4. Click Start.

The tool checks every entry in the dictionary; when a hash matches, it stops the attack and shows the result. If the passphrase is not in the dictionary, the attack cannot recover it.
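
The defensive counterpart of the dictionary attack, as an added example that is not part of the original post: a check at password-change time that rejects candidates found in a wordlist or reducible to a listed word by the simple variations the quotation above mentions, such as appending a digit. The wordlist, the substitution table and the function names are constructed for illustration.

```python
import re

# Constructed sample wordlist; a real deployment would load a large blocklist.
WORDLIST = {"password", "welcome", "dragon", "summer", "letmein"}

# Common character substitutions undone before lookup (assumed rule set).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

def candidates(password):
    """Yield the normalised forms of a password that are looked up."""
    base = password.lower()
    yield base
    # Strip leading/trailing digits and symbols: "Summer2024!" -> "summer".
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", base)
    yield stripped
    # Undo substitutions on both forms: "p@ssw0rd" -> "password".
    yield base.translate(LEET)
    yield stripped.translate(LEET)

def check_password(password, wordlist=WORDLIST, min_len=8):
    """Return (accepted, reason); rejects short passwords and wordlist variants."""
    if len(password) < min_len:
        return False, f"shorter than {min_len} characters"
    for form in candidates(password):
        if form in wordlist:
            return False, f"derived from dictionary word '{form}'"
    return True, "not in wordlist"

if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ["Summer2024!", "p@ssw0rd", "dragon1", "vK9#tqLm2zR"]:
        print(sample, check_password(sample))
```
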

Cain and Abel software for cracking hashes tutorial

Description of Cain and Abel Software

According to the official website, Cain and Abel software is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking hashes passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analysing routing protocols.

The latest version is faster and contains a lot of new features like APR (ARP Poison Routing) which enables Sniffing on switched LANs and man in the middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.

Who should use Cain and Abel software?

Cain and Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration testers, and everyone else who plans to use it for ethical reasons.

The system requirements to setup Cain & Abel

The minimum system requirements to use Cain and Abel are the following:

– Minimum 10MB hard disk space

– Microsoft Windows OS 2000/XP/2003/Vista OS

– Winpcap Packet Driver (v2.3 or above).

– Airpcap Packet Driver (for passive wireless sniffer / WEP cracker).

Cain and Abel download and Installation

First we need to download Cain and Abel; go to the given link to download it.

Installing Cain and Abel is very easy: just double-click the self-running executable file and follow the instructions.

Usage Of Cain and Abel software:

After the installation completes, launch the application and configure it by clicking the Configure option in the upper menu.

Now let’s go through the configuration dialog tabs and take a brief look at most of them:

Sniffer Tab:

This tab lists all the connected Ethernet interfaces; you can select the Ethernet interface card to use for sniffing.

ARP Tab:

This tab allows users to configure ARP poison routing to perform an ARP poisoning attack, a technique used for MITM (Man-in-the-Middle) attacks.

Filters and Ports Tab:

This tab lists the most standard services with the default ports they run on. You can change a port by right-clicking the service whose port you want to change, and you can enable or disable the service.

Cain’s sniffer filters and application protocol TCP/UDP port.

HTTP Fields Tab:

Some extremely useful features of Cain grab information from web pages surfed by the victim, such as LSA Secrets dumper, HTTP Sniffer and ARP-HTTPS, so the more fields you add to the username and password fields, the more HTTP usernames and passwords you capture from HTTP and HTTPS requests.

Traceroute Tab:

Traceroute is a technique to find out the path between two points by counting how many hops the packet will travel from the source device to reach the destination device. Cain also adds more functionality that allows hostname resolution, Net mask resolution, and Whois information gathering.

Certificate Spoofing Tab:

This tab will allow Certificate spoofing. From Wikipedia:

“In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document that uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.

In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority (CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users (“endorsements”). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together.”

We can simply think of it as some sort of data (cipher suites & Public key and some other information about the owner of the certificate) that has information about the destination server and is encrypted by trusted companies (CA) that are authorized for creating these types of data. The server sends its own certificate to the client application to make sure it’s talking to the right server.

Certificate Collector Tab:

This tab will collect all certificates back and forth between servers and clients by setting proxy IPs and ports that listen to it.


Here you can set the custom challenge value to rewrite into NTLM authentication packets. This feature can be enabled quickly from Cain’s toolbar and must be used with APR. A fixed challenge enables cracking of NTLM hashes captured on the network by means of Rainbow Tables.

Password Cracking

The Cracker tab, in the top menu, is the most important feature of Cain. When Cain captures LM and NTLM hashes or any other kind of passwords, it sends them to the Cracker tab automatically. We will import a local SAM file just for demonstration purposes to illustrate this point. Here is how to import the SAM file: when you click the blue + sign, a new window pops up with three options:

  1. Import hashes from local system: this option allows the user to import hashes from the SAM database of the local system.
  2. Import hashes from text file: this option works when you have already dumped the hashes into a text file.
  3. Import hashes from SAM database: this option requires two files, one containing the boot key and the other the SAM database.

For the demonstration, select the first option and click Next to continue.

