Cain & Abel password recovery and cracking tools

Source: Internet
Author: User
Tags microsoft access database rsa securid

Cain & Abel is a password restoration tool on Windows. It uses multiple methods to restore multiple passwords, including network sniffing, Dictionary, brute force, and password analysis to crack and decrypt passwords, record VoIP sessions, and decode mixed passwords, recover the wireless network key, reveal the password asterisks entered in the password box to view), disclose the buffer password and analyze the routing protocol.

This tool does not exploit any software vulnerabilities or defects. He exploits the security issues and internal weaknesses in protocol standards, authentication methods, and buffer mechanisms, and primarily aims to easily restore passwords and creden。 of various programs. The software consists of two parts: Cain and Abel. Caincain.exe is the main graphic interface of the program. abelis a Windows service consisting of the file abel.exe and Abel. dll. The software is

> Go to the treasure chest of network security tools and check out other security tools.

Cain functions include:

Protect password management in the storage zone: reveal passwords for Outlook, Outlook Express, Outlook Express Identities, Outlook 2002, Internet Explorer, and MSN Explorer stored locally.

Credential Manager and password decoder: reveal Passwords Stored in Enterprise Credential Sets in Windows XP/2003 and Local Credential Sets in the Local Credential Sets.

LSA private dump: dump the content of the Local Security Authority Secrets.

Dialing password decoding: reveals the passwords stored in the Windows "Dial-Up Network" component.

APRARP spoofing, ARP Poison Routing): supports sniffing and man-in-the-middle attacks on the exchange network.

Route table management: operate a route table with the same functions as Windows Command route.exe, but provides a graphical user interface.

SID scanner: extracts the username related to the Security Identifier SID and Security Identifier on the remote computer.

Network enumeration: extract user names, user groups, and services running on machines as much as possible.

Service Manager: You can stop, start, pause/recover, or delete a specified service.

Sniffer: captures passwords, hash values, and authentication information transmitted over the network.

Routing Protocol monitor: monitors various routing protocols such as HSRP, VRRP, r12001, r00002, and OSPF to capture authentication and share route tables.

Complete RDP Session sniffing: captures all data sent using Remote Desktop Protocol RDP and Remote Desktop Protocol in the network. Provides the client's key Interception Function.

Full SSH-1 session sniffing APR-SSH-1): ability to capture all data sent using HTTPS sessions in the network.

Full HTTPS session sniffing APR-HTTPS): captures all data sent using HTTPS sessions on the network.

Certificate COLLECTOR: capture the certificate of the HTTPS Web site and prepare for APR-HTTPS.

MAC address scanner that uses OUI fingerprints: Uses OUI to organize unique identifiers) for fingerprints to determine which type of devices the MAC address comes from.

ARP-based hybrid mode scanner: identifies the sniffer and network intrusion monitoring systems in the current LAN.

Wireless Scanner: Capable of scanning wireless network signals, providing their MAC addresses, the last time they were viewed, the estimated manufacturer, signal strength, and network name SSID) whether to use WEP, whether the network is a specialized network or infrastructure, and the network operating channel and speed. It also supports passive scanning and wep iv sniffing.

802.11 capture file decoding: Decode 802.11 capture file wireshark, pcap), which contains wireless frames encrypted using WEP or WPA-PSK.

Access9x/2000/XP) Database Password decoder: decode the encrypted password of the Microsoft Access database.

Base64 decoder: decodes Base64 encoded strings.

Cisco Type-7 password decoder: decode the Cisco Type-7 password used in the vro and vswitch configuration files.

Cisco VPN Client password decoder: decode the password of the Cisco VPN Client stored in the connection configuration file *. pcf.

VNC password decoder: decode the VNCVirtual Network Computing encrypted in the registry, and perform Virtual Network Computing) password.

SQL Server Enterprise Manager password decoding: decode the passwords used by Microsoft SQL Server Enterprise Manager to support SQL Server 7.0 and 2000 ).

Remote Desktop password decoding: decode the password in the Remote Desktop configuration file. RPD file.

PWL buffer password decoding: obtains all buffered resources and plaintext passwords from the locked or unlocked password list file. Applicable to Windows 95/98.

Password cracking tool: cracking passwords generated using multiple hash or encryption algorithms. Supports dictionary attacks and brute-force attacks. Hash algorithms include MD2, MD4, MD5, SHA1, SHA2256 bits), SHA2384 bits), SHA2512 bits), and RIPEMD160; encryption algorithms include PWL files, Cisco-IOS Type-5 enable passwords, Cisco PIX enable passwords, APOP-MD5, CRAM-MD5, LM, LM + Challenge, NTLM, NTLM + Challenge, NTLM Session Security, NTLMv2, RIPv2-MD5, OSPF-MD5, VRRP-HMAC-96, VNC-3DES Pre-Auth, RADIUS Shared Secrets, IKE Pre-Shared Keys, Microsoft SQL Server 2000, Oracle, MySQL323, MySQLSHA1.

Password analysis attack: password cracking using the "Faster Cryptanalytic time-memory trade off" method invented by Philip Oechslin is supported. This cracking technique uses a set of pre-computed encrypted passwords called Rainbow table and Rainbow Tables) to speed up password cracking.

WEP cracking: executes the Korek WEP attack on the 802.11 capture file containing the WEP initialization vector.

Rainbowcrack-online client: can act as a client, using the company's technology and service to crack the password. Payment is required for use.

NT Hash Dumper: whether or not Syskey is used, you can read the Hash value of NT from the SAM file. More powerful than PWDUMP2.

Syskey decoding: extracts the Boot Key used by the SYSKEY utility from the local registry or offline SYSTEM file.

MSCACHE hash dump: extract the MSCACHE password hash value stored in the local registry. The function is the same as that of the CacheDump tool.

Wireless Zero-configuration password dump: extracts the wireless key stored by the Windows Wireless Configuration Service.

Microsoft SQL Server 2000 password extraction: connect to SQL Server 2000 through ODBC, and extract all users and their passwords from the master database.

Oracle password extraction: connect to the Oracle server through ODBC and extract all users and passwords from the database.

MySQL password extraction: connect to the MySQL server through ODBC and extract all users and passwords from the database.

Asterisk view: the password hidden behind the asterisk is displayed in the Password dialog box.

RSA SecurID Token calculator: calculates the RSA key value using the corresponding. ASC file.

Hash Value calculator: hash value for a given text generator.

TCP/UDP port Browser: displays the status of the local TCP/UDP port. The function is the same as that of the command netstat.

TCP, UDP, and ICMP route tracking: the improved tracert.exe version of Windows is supported and provides whois client capabilities.

Cisco configuration downloader/Uploader SNMP/TFTP): Download the configuration files for the specified Cisco device host or IP address, and upload these files.

Abel provides the following functions:

Remote Console: provides remote system shell on a remote computer.

Remote route table management: allows you to manage route tables of a remote system.

Remote TCP/UDP port Browser: displays the status of the local port on the remote system. The function is the same as that of netstat.

Remote NT hash dump: whether or not the Syskey is used, the NT password hash value can be read from the SAM file.

Remote LSA private dump: dump the content of the Local Security Authority Secrets on the remote system.

Edit recommendations]

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.