Archive for November 23, 2007
install and collect the data, password or acting like from another computer
from http://sectools.org, this tool has increase popularity rank from 23 to 9.
with this tools you can do anything, from sniffing the network, cracking local password and the most thing that this tools can combine that, sniffing password from the network and crack it.
when you in a local area network which use a hub as switch, you will do almost all the tools ability. because the sniffing can be done from switch hub environment or from cable tap.
with the support of airpcap hardware and its driver you can gain access to the wireless network, from packet injection to cracking the wireless encryption.
sectools write this comment to this tools
Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools
support their platform first, and Windows ports are often an
afterthought. They are usually right, but Cain & Abel is a glaring
exception. This Windows-only password recovery tool handles an enormous
variety of tasks. It can recover passwords by sniffing the network,
cracking encrypted passwords using Dictionary, Brute-Force and
Cryptanalysis attacks, recording VoIP conversations, decoding scrambled
passwords, revealing password boxes, uncovering cached passwords and
analyzing routing protocols. It is also well documented.
from its original site, it ha released the new version which has several feature and fixes Cain & Abel v4.9.8 released
– Added support for new AES-128bit Keyfobs in RSA SecurID Token Calculator.
– Microsoft SQL Server 2005 Password Extractor via ODBC.
– Fixed a bug in Internet Explorer 7 AutoComplete password decoder.
– Default HTTP users and passwords fields updated.
– Automatic recognition of AirPcap TX capability based on channels.
from the site, they describe this tool like this:
Cain & Abel is a password recovery tool for
Microsoft Operating Systems. It allows easy recovery of various kind of
passwords by sniffing the network, cracking encrypted passwords using
Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP
conversations, decoding scrambled passwords, recovering wireless
network keys, revealing password boxes, uncovering cached passwords and
analyzing routing protocols. The program does not exploit any software
vulnerabilities or bugs that could not be fixed with little effort. It
covers some security aspects/weakness present in protocol’s standards,
authentication methods and caching mechanisms; its main purpose is the
simplified recovery of passwords and credentials from various sources,
however it also ships some “non standard” utilities for Microsoft
Cain & Abel has been developed in the hope that it will be useful for
network administrators, teachers, security consultants/professionals, forensic
staff, security software vendors, professional penetration tester and everyone
else that plans to use it for ethical reasons. The author will not help or support
any illegal activity done with this program. Be warned that there is the possibility
that you will cause damages and/or loss of data using this software and that
in no events shall the author be liable for such damages or loss of data. Please
carefully read the License Agreement included in the program before using
The latest version is faster and contains a lot of new features
like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle
attacks. The sniffer in this version can also analyze encrypted
protocols such as SSH-1 and HTTPS, and contains filters to capture credentials
from a wide range of authentication mechanisms. The new version also ships routing protocols authentication
monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and
for several specific authentications, password/hash calculators, cryptanalysis
attacks, password decoders and some not so common utilities related to
network and system security.
for completed documentation you can read the documentation area here
__original site http://www.oxid.it
and you can download it from : http://www.oxid.it/cain.html