Password Cracking Using Cain & Abel
Learning Objectives: This exercise demonstrates how passwords can be cracked through
various methods, specifically passwords stored as MD5 hashes.
Summary: You will use Cain & Abel for this exercise.
Deliverables: Submit a lab report by answering the review questions. In some review
questions, you may provide screen captures.
Dictionary attack
A dictionary attack uses a predetermined list of words from a dictionary to generate possible passwords that may match the MD5-hashed password. This is one of the easiest and quickest ways to obtain any given password.
- Start Cain & Abel via the Desktop Shortcut ‘Cain’ or Start menu.
a. (Start > Programs > Cain > Cain).
- Choose ‘Yes’ to proceed when a ‘User Account Control’ notification pops up regarding software authorization.
- Once it is open, select the ‘Cracker’ tab with the key symbol, then click on MD5 Hashes. The result should look like the image below.
Penn State Berks
- As you might have noticed, we don’t have any passwords to crack, so for the next few steps we will create our own MD5-hashed passwords. First, locate the Hash Calculator among the row of icons near the top. Open it.
- Next, type the word password into ‘Text to Hash’. It will generate a list of hashes for the different hash algorithms. We will be focusing on the MD5 hash, so copy it. Then exit the calculator by clicking ‘Cancel’. (Fun Fact: Hashes are case sensitive, so any slight change to the text will change the hashes generated. Try changing a letter or two and you will see. This is called the avalanche effect.)
- After you exit, right click and select ‘Add to list’, paste your hash, then click OK. Your first hashed password! But don’t stop there: add the MD5 hashes of the words PaSS, 13579, 15473, sunshine89, and c@t.
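The avalanche effect from the Fun Fact above can be measured rather than eyeballed. The following is an added example, not part of the original handout: it changes one character at a time in each of the lab's words and counts how many of the 128 MD5 output bits differ. The function names are hypothetical.

```python
import hashlib

# The words the lab asks you to hash in Cain's Hash Calculator.
LAB_WORDS = ["password", "PaSS", "13579", "15473", "sunshine89", "c@t"]


def md5_digest(text: str) -> bytes:
    """Raw 16-byte MD5 digest of the UTF-8 encoded text."""
    return hashlib.md5(text.encode("utf-8")).digest()


def bits_changed(a: str, b: str) -> int:
    """Number of differing bits (out of 128) between MD5(a) and MD5(b)."""
    return sum(bin(x ^ y).count("1") for x, y in zip(md5_digest(a), md5_digest(b)))


def single_char_variants(word: str):
    """Yield copies of word with exactly one character altered:
    letters have their case flipped, other characters move to the next code point."""
    for i, ch in enumerate(word):
        new = ch.swapcase() if ch.isalpha() else chr(ord(ch) + 1)
        yield word[:i] + new + word[i + 1:]


def avalanche_report(words):
    """Map each word to (min, mean, max) bits changed over its one-character variants."""
    report = {}
    for word in words:
        diffs = [bits_changed(word, v) for v in single_char_variants(word)]
        report[word] = (min(diffs), sum(diffs) / len(diffs), max(diffs))
    return report


if __name__ == "__main__":
    for word, (lo, mean, hi) in avalanche_report(LAB_WORDS).items():
        print(f"{word:<12} min={lo:3d}  mean={mean:5.1f}  max={hi:3d}  (of 128 bits)")
```

A one-character edit flips roughly half of the output bits, which is why a hash that is "almost right" tells you nothing about how close the guessed password is.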
Rainbow Tables
Rainbow tables use precalculated MD5 hashes stored in sorted table(s), which are compared against the MD5-hashed passwords in order to find a match, thus cracking the password. This type of password cracking trades time against storage capacity.
- This section continues from the previous ‘Dictionary Attack’ section. Cain & Abel should already be open with the following MD5-hashed passwords.
- Now, with the other half of the passwords still uncracked, we will use a rainbow table attack to see if we can finally crack them. Select all six passwords, right click, and select ‘Cryptanalysis Attack via RainbowTables’.
- A window will pop up, and under ‘Sorted Rainbow Tables’ you can see that an MD5 rainbow table has already been added. Notice the specifications for that specific rainbow table. Click ‘Start’ when ready. Click ‘Exit’ when done.
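Precomputed tables work against the hashes in this lab because an unsalted MD5 of a given password is the same on every system. The following added example (not part of the original handout) contrasts that with salted, iterated hashing, where the same password produces a different stored value for every account. The function names, the choice of PBKDF2-HMAC-SHA256 and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # work factor chosen for this example; tune to your hardware


def md5_hex(password: str) -> str:
    """Unsalted MD5, the format the lab loads into Cain's 'MD5 Hashes' list."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str) -> tuple:
    """Return (salt, derived_key) using a fresh random 16-byte salt per password."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return hmac.compare_digest(key, expected)


if __name__ == "__main__":
    # Constructed scenario: two accounts that chose the same lab password.
    alice_md5, bob_md5 = md5_hex("sunshine89"), md5_hex("sunshine89")
    print("unsalted MD5 identical:  ", alice_md5 == bob_md5)

    (salt_a, key_a), (salt_b, key_b) = hash_password("sunshine89"), hash_password("sunshine89")
    print("salted PBKDF2 identical: ", key_a == key_b)
    print("login check still works: ", verify_password("sunshine89", salt_a, key_a))
```

With a per-password salt, a table would have to be rebuilt for every salt value, and the iteration count makes each guess far more expensive than a single MD5.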
Review Questions (to be submitted)
● Why was ‘PaSS’ the only one decrypted using this rainbow table?
● Compared to Dictionary Attack was Rainbow Table Attack able to crack faster? Why or why not?
● Why do you think rainbow tables take so much time and space to use?
- When ready, click ‘Start’. Once it is done calculating, click ‘Exit’. Your final results should be the same as below. All of them should be cracked! Yay!
- We got all the passwords! However, let’s try adding one more. Go to the ‘Hash Calculator’, type in ‘PassWORD’ and click ‘Calculate’. Copy the MD5 hash and insert it on the workbench. Click on it, right click and select ‘Dictionary Attack’. Reset, then ‘Start’. Did it work? If not, try it with the Rainbow Tables. Did that work?
- If all else fails, a Brute Force attack is the only option left. Open the ‘Brute Force Attack’ window.
- Under Charset, with Predefined selected, open the drop-down bar and choose the one with just the lowercase and UPPERCASE letters. Turn the max under password length down to 8. Press Start.
- The time needed to go through all the possible combinations is within the range of 90 to 120 days!! We need to stop, so select ‘Stop’.
- So why does it take this long just to crack a single password like ‘PassWORD’ using a brute force attack? Let’s do an experiment: increase the max to 12 and keep the min on 1 (this will be our constant variable). Next, in the drop-down bar, select the one with ALL UPPER CASE LETTERS. Select ‘Start’, observe the time needed, and record it. Select ‘Stop’ after your observation.
| Predefined Key | Time Needed for All Combinations |
| --- | --- |
| Upper case ONLY | |
| Numbers ONLY | |
| Upper and Lower Case ONLY | |
| Upper, Lower, & Number | |
| Everything! | |
- Next, reset min to 1 and set predefined to all numbers. Select ‘Start’, observe, and record. Stop. Repeat for the rest of the table.
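The times Cain reports in this experiment follow directly from the size of the search space. The following added example (not part of the original handout) computes the number of candidates for each row of the table at lengths 1 to 12 and converts it to a worst-case time. The guess rate is an assumption, chosen so that 1 to 8 mixed-case letters falls inside the 90 to 120 day estimate quoted above; the "Everything!" row is assumed to be the 94 printable ASCII characters, which may differ from Cain's predefined set.

```python
import string

# The five rows of the lab's table. "Everything!" is an assumption (94 printable ASCII).
CHARSETS = {
    "Upper case ONLY": string.ascii_uppercase,
    "Numbers ONLY": string.digits,
    "Upper and Lower Case ONLY": string.ascii_letters,
    "Upper, Lower, & Number": string.ascii_letters + string.digits,
    "Everything!": string.ascii_letters + string.digits + string.punctuation,
}

# Assumed guess rate in hashes per second; measure your own hardware.
ASSUMED_RATE = 6_000_000


def keyspace(charset_size: int, min_len: int, max_len: int) -> int:
    """Number of candidate passwords with length min_len..max_len inclusive."""
    return sum(charset_size ** n for n in range(min_len, max_len + 1))


def worst_case_seconds(charset_size, min_len, max_len, rate=ASSUMED_RATE) -> float:
    """Time to try every candidate at the given rate."""
    return keyspace(charset_size, min_len, max_len) / rate


def human_time(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    units = (("years", 365 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


def lab_table(min_len=1, max_len=12, rate=ASSUMED_RATE):
    """One (name, charset size, candidates, worst-case time) row per predefined key."""
    rows = []
    for name, chars in CHARSETS.items():
        n = len(chars)
        eta = human_time(worst_case_seconds(n, min_len, max_len, rate))
        rows.append((name, n, keyspace(n, min_len, max_len), eta))
    return rows


if __name__ == "__main__":
    for name, n, size, eta in lab_table():
        print(f"{name:<28}{n:>3} chars {size:>28,} candidates  {eta}")
```

Each extra character multiplies the work by the charset size, so length grows the search space faster than adding character classes does.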
Review Questions (to be submitted)
● Is brute-force cracking a good option? What are your thoughts on it compared to other methods of password cracking?
● Why was the password (PassWORD) harder to crack compared to the others?
● Why were the two passwords (15473 and c@t69) that weren’t cracked previously cracked now?
● Is there any correlation between the length and variety within passwords that makes them crackable or uncrackable?
● Is there any way to speed up the time needed to crack hard passwords?