Monday, October 17, 2011

How to Hack a Computer - Cain and Cable

7:09 AM  Najeeb UzZaman Ahmed  No comments

Cain and Abel (sometimes called simply "Cain") is a Windows password recovery tool. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks. Cryptanalysis attacks are done via rainbow tables which can be generated with the winrtgen.exe program provided with Cain and Abel. Cain and Abel is maintained by Massimiliano Montoro.Kumar has already posted about how to use Cain and Abel to hack Networks.

Cain & Abel is a useful tool for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. 

How to hack a Computer with Cain and Able

  • This hack will only work for Computers connected on LAN.
  • First of all download Cain and Abel Software.
  • Now install the software and open it . Make sure that you dont have any active antivirus on your pc.
  • First Click the Sniffer Tab.
  • Now Click on the sniffer button in the top toolbar. On clicking ,the sniffer will start.
  • Now click on + button to add the range of ip address you want to hack on LAN. Like in my hostel my ip is something like 15.15.15.04 so I have given the range from 15.15.15.1 to 15.15.15.254 .
  • Tick the option which says " All Tests ".
  • Click OK and you will see the software will start all the test.
  • After completion of these tests you will see the MAC Addresses ,IP addresses and OUI fingerprints of all computers running in your LAN .
  • Now click on APR tab below.In APR there are two windows .
  • Click on the above window and the + button will appear above .Now Click that button and a new window will open.
  • Left side window will show all the ip addresses and right window will be empty.
  • Click on any IP address in the Left Window and all other IPs will automatically appear in right window.Suppose I click on 15.15.15.1 .
  • Press Cntrl and select all the ips in the right window and Click OK.
NOTE: What you are doing ? Actually you are going to poison all the other ips using 15.15.15.1 . In this way you will be totally safe . If someones tries to know who is poisoning then he will get the ip of 15.15.15.1 and you are safe here :)
  • All these ips will be shown in above window.
  • Now Click on APR Button in the top toolbar and as you click on that button poisoning will start.It will show in the below window.
  • Now click on the Password tab below.
  • In the left  list you will see HTML .Click on it.
  • Hurrah you got the passwords of all the PCs and also the sites they have recently visited .
NOTE: APR poisoning is very dangerous , and during this hack your LAN is fully loaded and it affects the speed a lot .

Status with Virus Scanners

  • Some virus scanners, notably Avast! detect Cain and Abel as 'malware' "Win32:Cain-B [Tool]". It's classified in Avast! as "Other potentially dangerous program". 
  • The author, and owner of oxid.it states that his programs are not Malware. Even if Cain's install directory, as well as the word "Cain", are added to Avast's exclude list, the real-time scanner will stop Cain from functioning. 
  • The latest version of Avast no longer blocks

Attacks Available in Cain and Abel

  • The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs Man-in-the-Middle attacks. 
  • The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. 
  • The new version also ships routing protocols authentication monitors and routes extractors.
  • Dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.

Features

  • WEP cracking
  • Speeding up packet capture speed by wireless packet injection
  • Ability to record VoIP conversations
  • Decoding scrambled passwords
  • Calculating hashes
  • Traceroute
  • Revealing password boxes
  • Uncovering cached passwords
  • Dumping protected storage passwords
  • ARP spoofing
  • IP to MAC Address resolver
  • Network Password Sniffer

Posted in:

0 comments:

Post a Comment

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More