Cain & Abel Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary & Brute-Force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program comes in two versions because of the differences and limitations of some API. Version 2.5 is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs by hijacking IP traffic of multiple hosts at the same time. The sniffer can also analyze encrypted protocols such as SSH-1 and HTTPS if used with APR and a Man-in-the-middle situation. Cain also ships routing protocols authentication monitors and routes extractors, crackers for all common hashing algorithms and for other various specific authentications, password calculators (Cisco PIX Hashes, RSA SecurID Tokens), decoders (Access Databases, Base64, Cisco Type-7) and some utilities like the SiD-Scanner, the LSA Secrets Dumper, the Protected Storage Passwords Viewer, the NT Hash-Dumper (works with Syskey enabled), the Abel Remote Console, the MAC Scanner, the Promiscuous-Mode Scanner and the TCP/UDP/ICMP Traceroute + DNS Resolver + Netmask Discovery + WHOIS resolver (extract informations from RIPE's Database). CAIN FEATURES: - Protected Storage Password Manager - LSA Secrets Dumper - Users, Groups, Shares and Services Enumeration - SID Scanner - Local/Remote Service Manager - APR (ARP Poison Routing) ENABLES SNIFFING on switched networks. (more info in the topics area) - Sniffer filters for HTTP-BASIC, HTTP-FORM, HTTP-COOKIE, HTTP-NTLMv1, HTTP-NTLMv2, HTTP-NTLMSSP, POP3, IMAP, FTP, VNC, HSRP, SMTP, NNTP, TDS (Sybase and MS-SQL), MS-Kerberos5 Pre-Auth, VRRP, RIPv2, OSPF, SMB (ClearText, NTLMv1, NTLMv2), NTLMSSP (NTLMv1, NTLMv2), RADIUS, ICQ and MSN Messenger authentications - HSRP, VRRP, RIPv1, RIPv2, EIGRP, OSPF Monitors - Full Telnet sessions sniffer - Full SSH-1 sessions sniffer for APR (FULL-DUPLEX, stealth, supports DES, 3DES, Blowfish symmetric encryption algorithms, auto-downgrade to SSH-1 if server version is v1.99) - Full HTTPS sessions sniffer for APR - Automatic HTTPS Certificates Collector - Auto IP-MAC Discovery - MAC Address Scanner with OUI fingerprint - Promiscuous-mode Scanner based on ARP packets - Access (9x/2000/XP) Database Passwords Decoder - Base64, Cisco type-7 and VNC Password Decoders - Password Crackers for common Hashes (MD2, MD4, MD5, SHA-1 and RIPEMD-160). - Password Crackers for specific authentications (PWL files, Cisco-IOS Type-5 enable passwords, Cisco PIX enable passwords, APOP-MD5, CRAM-MD5, NT HASHES & NTLMv1, NTLMv2, RIPv2-MD5, OSPF-MD5, VRRP-HMAC-96, VNC-3DES, MS-Kerberos5 Pre-Auth), MSN Messenger, RADIUS Shared Secrets). - NT Hash Dumper (works with Syskey enabled) - Box Revealer - RSA SecurID Token Calculator - Hash Calculator for common hashing algorithms - Cisco PIX password calculator - Route Table Manager - TCP/UDP Table Viewer - TCP/UDP/ICMP traceroute with DNS resolver and WHOIS client ABEL FEATURES: - Runs as a service - Remote Console - Remote Route Table Manager - Remote TCP/UDP Table Viewer - Remote Hash Dumper (works with Syskey enabled) - Remote LSA Secrets Dumper REQUIREMENTS: Cain & Abel uses the Packet Driver contained in the package WinPcap from Politecnico di Torino; please check the documentation on their site. The Cain & Abel homepage is located at: http://www.oxid.it/cain.html Cryptographic signatures and checksums may be provided by the developers at the URL(s) above. Wiretapped recommends that users check these before use of the software/information.