Cain and Abel 4.3 is available

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols

Tracked by SD Tools Watch

New features:

  • Cain’s MitM NTLM Challenge Spoofing. (Requires APR to be active and a MitM condition between victim hosts).
    You can now spoof server challenges in NTLM authentications; this feature enables the use of RainbowTables for cracking network hashes.
    WARNING !!! Enabling Challenge Spoofing cause users to fail authentications so use it carefully.
  • NTLM Session Security authentications downgrade to LM&NTLMv1. The following protocols are supported: SMB, DCE/RPC, TDS, HTTP, POP3, IMAP, SMTP.
  • LM + spoofed challenge Hashes Cryptanalysis via Sorted Rainbow Tables.
  • HALFLM + spoofed challenge Hashes Cryptanalysis via Sorted Rainbow Tables.
  • NTLM + spoofed challenge Hashes Cryptanalysis via Sorted Rainbow Tables.
  • New types of RainbowTables have been added to Winrtgen v2.4.
    "lmchall" and "ntlmchall" tables can be used against LM and NTLM response hashes for spoofed challenges (default: 0x1122334455667788).
    "halflmchall" tables can be used against the first 8 bytes LM response hashes for spoofed challenges to recover the first 7 characters of the original password.
  • Added HALFLMCHALL hashes submission to rainbowcrack-online client.
  • Ability to dump LSA Secrets directly from SYSTEM and SECURITY registry hive files.

Post scriptum


Comments

Related Articles

Cain and Abel
Data Sniffer
Information Gathering
Password Cracking
Telephony Scanner