Developer(s) | Massimiliano Montoro |
---|---|
Stable release | |
Operating system | Microsoft Windows |
Type | Password cracking/Packet analysis |
License | Freeware |
Website | www.oxid.it/cain.html |
Cain and Abel (often abbreviated to Cain) is a password recovery tool for Microsoft Windows. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks.[1]Cryptanalysis attacks are done via rainbow tables which can be generated with the winrtgen.exe program provided with Cain and Abel.[2]Cain and Abel is maintained by Massimiliano Montoro[3] and Sean Babcock.
Jul 12, 2020 Download Cain and Abel Free for Windows 10, Windows 7, Windows 8 and Windows 8.1. Cain & Abel (also abbreviated as Cain) is a software used for password recovering. It is available for the Windows Platform or other Microsoft Operating Systems (OS). Cain and Abel are programmed and maintained by the Massimiliano Montoro and Sean Babcock.
Features[edit]
- WEP cracking
- Speeding up packet capture speed by wireless packet injection
- Ability to record VoIP conversations
- Decoding scrambled passwords
- Calculating hashes
- Revealing password boxes
- Uncovering cached passwords
- Dumping protected storage passwords
- IP to MAC Address resolver
- Network PasswordSniffer
- LSA secret dumper
- Ability to crack:
- LM & NTLM hashes
- NTLMv2 hashes
- Microsoft Cache hashes
- Microsoft WindowsPWL files
- Cisco IOS - MD5 hashes
- Cisco PIX - MD5 hashes
- APOP - MD5 hashes
- CRAM-MD5 MD5 hashes
- OSPF - MD5 hashes
- RIPv2 MD5 hashes
- VRRP - HMAC hashes
- Virtual Network Computing (VNC) Triple DES
- MD2 hashes
- MD4 hashes
- MD5 hashes
- SHA-1 hashes
- SHA-2 hashes
- RIPEMD-160 hashes
- Kerberos 5 hashes
- RADIUS shared key hashes
- IKEPSK hashes
- MSSQL hashes
- MySQL hashes
- Oracle and SIP hashes
Status with virus scanners[edit]
Some virus scanners (and browsers, e.g. Google Chrome 20.0.1132.47) detect Cain and Abel as malware.
Avast! detects it as 'Win32:Cain-B [Tool]' and classifies it as 'Other potentially dangerous program',[4] while Microsoft Security Essentials detects it as 'Win32/Cain!4_9_14' and classifies it as 'Tool: This program has potentially unwanted behavior.'Even if Cain's install directory, as well as the word 'Cain', are added to Avast's exclude list, the real-time scanner has been known to stop Cain from functioning. However, the latest version of Avast no longer blocks Cain.
Symantec (the developer of the Norton family of computer security software) identified a buffer overflowvulnerability in version 4.9.24 that allowed for remote code execution in the event the application was used to open a large RDP file, as might occur when using the program to analyze network traffic.[5] The vulnerability had been present in the previous version (4.9.23) as well[6] and was patched in a subsequent release.
References[edit]
- ^'How to use Cain and Able'. Cybrary. Retrieved 2019-08-24.
- ^'ECE 9609/9069: Introduction to Hacking'. Whisper Lab. Archived from the original on 2019-08-24. Retrieved 2019-08-24.
- ^Zorz, Mirko (2009-07-07). 'Q&A: Cain & Abel, the password recovery tool'. Help Net Security. Retrieved 2019-08-24.
- ^Metev, Denis (2019-07-29). 'What Is Brute-Force And How to Stay Safe?'. Tech Jury. Retrieved 2019-08-24.
- ^'Attack: Massimiliano Montoro Cain & Abel .rdp File BO: Attack Signature - Symantec Corp'. www.symantec.com. Retrieved 2019-08-24.
- ^'Massimiliano Montoro Cain & Abel Malformed '.rdp' File Buffer Overflow Vulnerability'. www.securityfocus.com. Retrieved 2019-08-24.
See also[edit]
External links[edit]
Cain & Abel Software For Mac Download Full
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol's standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some 'non standard' utilities for Microsoft Windows users.
Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no events shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.
The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.
What's New:
Software Like Cain And Abel
- Added Windows Vault Password Decoder.
- Added Windows 8 support in LSA Secret Dumper.
- Added Windows 8 support in Credential Manager Password Decoder.
- Added Windows 8 support in EditBox Revealer.
- Added ability to keep original extensions in fake certificates.
- Added support for Windows 8 RDP Client in APR-RDP sniffer filter.
- Winpcap library upgrade to version 4.1.3 (Windows8 supported)
- Added Root Certificate Generator in Certificate Spoofing configuration page.
- Added experimental Certificate Injection feature to inject custom certificates into HTTPS/ProxyHTTPS responses directed to victim APR's clients.
- Added Anticache option for APR-HTTPS/APR-ProxyHTTPS (touch 'If-Modified-Since' and 'If-None-Match' fields in HTTP headers from client).
- Added Anticompress option for APR-HTTPS/APR-ProxyHTTPS (touch 'Accept-Encoding' field in HTTP headers from client).
- Added Anticompress option for APR-IMAPS (touch 'COMPRESS=DEFLATE' field in capabilities from server).
- Speed improvement in Certificate Collector.
- Speed improvement in APR engine.
- Speed improvement all APR-SSL sniffer filters.
- Added Automatic extraction of Subject Common Name (CN) from server certificates to be used as hostname in APR-SSL lists.
- Preservation of Subject Alternative Name extension in fake certificates.
- New Base64 Password Decoder dialog.
- OpenSSL library upgrade to version 1.0.1f.
- OUI List updated.
- Several bugs fixed.