Theres a sort of cruel irony to passwords. The legitimate passwords people need to use to access crucial applications or data are often forgotten, and yet the bad guys seem to be able to crack passwords without breaking a sweat. Thankfully, theres a free tool available that can help you in either of these casesCain & Abel.
What is Cain & Abel? Its described as a Windows-based password recovery tool, but it does much, much more than just password recovery. The software can capture and monitor network traffic for passwords, crack encrypted passwords using various methods, record Voice over IP (VoIP) conversations, recover wireless network keys, and more.
If youve forgotten a crucial password, and dont have any password reset capability in place, you can use Cain & Abel to try and crack the password for you. Cain & Abel can perform a dictionary attackessentially trying every word in the dictionaryto guess the password. It can also do a brute force attack, which attempts every possible combination of uppercase and lowercase letters, numbers, and symbols until it finds the right one, or cryptanalysis attacks that attempt to circumvent password encryption techniques. It could take hours, or possibly days, but given enough time Cain & Abel should be able to recover the password for you.
Theres another way to put a tool like Cain & Abel to use for password security. You can run Cain & Abel against your password database to test the strength of your password policies. You might have a password policy in place, but youd be surprised how easily some passwords that meet the password policy requirements can be cracked.
In one security assessment I participated in, the client had given us network access that allowed us to access the SAM (Security Account Manager) database, which stores all of the hashed passwords of users. The client had a reasonably strict password policy that met or exceeded the best practice guidelines at the time. But, we ran Cain & Abel against the SAM file, and within a couple of hours we were able to successfully crack most of the passwordsincluding the passwords of executive managers.
Cain & Abel does not exploit vulnerabilities to crack passwords. It simply takes advantage of weaknesses in general operating system security, network protocols, authentication methods, and caching mechanisms.
The latest version is capable of analyzing encrypted network traffic such as SSH-1 or HTTPS, and has a new feature called APR. APR stands for ARP (Address Resolution Protocol) Poison Routing, and enables Cain & Abel to sniff traffic on switched LANs, or simulate MitM (Man-in-the-Middle) attacks.
Cain & Abel is a useful, valuable security tool, and you cant beat the priceits free. The developers do warn that there is a possibility that the software could cause damage or loss of data, and they assume no liability. Basically, you get what you pay for, but mature tools like Cain & Abel have been tested and refined over time, and the risk is probably not any greater than with any commercial software product.
Cain & Abel could potentially be used by attackers, but it was developed as a security tool. Illegal activity using Cain & Abel is neither supported nor condoned by its developers.