Sunday, November 7, 2010

How to crack password using CAIN

In this post, i am going to tell you about how to crack the password of the remote machine by using the cain&abel utility.

As earlier in one of my blogs, i have written about network security, i have written about using strong passwords and updating them frequently, here i will show why we need to do so.

For this you need to have cain&abel installed on your machine. You can get it from the link provided here.

Next install it on the machine.

Now run it..... you will get the window as shown here...

Start the sniffer by pressing onto it.........
It will start sniffing packets from the LAN.

Now it captures the request which a computer from LAN sends to the remote computer whom it is tryig to access. It sends its NTLM hash. So unless someone access the machine on which we have run the sniffer, we can't get its hash.

So there is a trick to get as much requests as possible by sharing a folder having "CACHY" name so that people try to click on it and try to open it, then the sniffer will capture its NTLM session hash.

To view the hashes captured, goto sniffer tab -> passwords and then click on SMB on the left hand side...

Now just right click on the HASH you want to crack and select "send to cracker".

Now goto the CRACKER tab and select LM & NTLM hash from the left side....
You will get all the hashes which you have sent for cracking..

Now right click on any hash which you want to crack, select brute force attack -> NTLM session security hashes

Now it will ask for the specifications about which kind of password it is..

Now here comes some common user error exploits....
1. Most of the users keep their passwords as simple words of english or numbers.
2. The password is of small length
3. Password comprises of either alphabets or simply numbers.
4. Only one kind of case-letters is used, either upper-case letters or lower-case letters.
5. Less than 8 characters.

So predicting this first leads to saving a lot of time and makes cracking possible in a short span of time.

So in the dialog box which appears, choose the predefined characterset or have your own...

Minimize the password length so that it can be guessed soon if it is really small..

Then start the cracking..

This is how you can crack the passwords of the remote machines...

If you have some hash which has complex password and you are unable to break it, then you can submit it to the websites which accept hashes and they will give you the result of cracking after it is cracked..

This cracking is by Brute Force method about which i have explained in one of my ppt uploaded. You can watch it here...

 So after watching this i hope you will try to keep strong network passwords..

I hope you would have enjoyed this blog...
If you do, then do share it with others..

THANKS....... :)


  1. How much time it would take????

  2. It depends on the complexity of the password....
    If it is a number, then within few seconds, if it consists of upto 5 or 6 characters, then within minutes.... but if it consists of both alphabets and numbers or uppercase and lowercase characters... then it takes time. In that case, you can use Rainbow tables.... they are much faster than this...