Lab Assignment 1 Questions 1. Explain the two different types of attacks that can be performed in Cain and Abel to crack user account passwords. Which do you think is the most effective and why?

Cain and Abel is a MS operating password recovery instrument made for administrators and security professionals. Brute Force and Dictionary attacks through LM via Lan Manager and NTLM via NT LAN Manager hashes were used in the following assignment. Brute Force attack “is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies” (Rouse, 2006). This method is considered time consuming because it goes through all possible combinations of characters. Dictionary attack “is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password” (Rouse, 2005).

In addition Cain and Abel has the ability to use Cryptanalysis attacks to break passwords, it is considered the fastest [time memory trade off method], being faster than brute force attacks while also not needing as much memory as dictionary attacks (Gates, 2006). During the lab assignment I found that Dictionary attack with NTLM was the most effective. It allows the user to select more search options like reverse, lowercase and uppercase…etc. It was the fastest method in cracking the passwords. According to Cain and Able online user manual LM hash is the weakest between the two hashes. NT LAN Manager was put into place to tackle the security issues and weaknesses missing from LM encryption.

2. Compare and contrast the results from the two methods used to crack the accounts for the three passwords each encrypted by the two hash algorithms. What conclusions can you make after using these two methods?

As instructed in the lab assignment I used Brute Force attack and Dictionary attack, two password cracking methods using LM and NTLM encryption algorithms. Both algorithms can do the job of cracking passwords however I found that Dictionary attack with the NTLM hash to be the fastest and successful technique in breaking the password. Brute Force with both LM and NTLM did not reveal the password in a decent amount of time reading in years to complete. Industries must ensure that they have strong policies in place to protect information data. Security holes like weak passwords do not stand a chance with software like Cain and Able Dictionary NTLM attacks cracking passwords in less than a minute. See table below for results:

Encryption Hashes | User 1 (password) | User (hack1ng) | User 3 (P@ss0rd) | Brute Force LM | No. (1 of 2 hashes) est. 8 hours | No. (0 of 2 hashes) est. 11 hours | No. (0 of 1 hash) est. 10 hours | Brute Force NTLM | No. (0 of 1 hash) est. years | No. (0 of 1 hash) est. years | No. (0 of 1 hash) est. years | Dictionary LM | Yes. 3 minutes | Yes. 2 minutes | No. (0 of 1 hash) Stopped after 3 minutes | Dictionary NTLM | Yes. Less than 1 minute | Yes. 1 minute | No. (0 of 1 hash) Stopped after 3 minutes |

3. Research another algorithm used to store passwords that were not discussed here.

Another algorithm used to store passwords is MD5 (Message-Digest algorithm) used to check data integrity (

4. Research another password recovery software program and provide a thorough discussion of it. Compare and contrast it to Cain and Abel.

There are a number of trustworthy password recovery software programs such as LCP, Ophcrack, Windows Key, Windows Password Unlocker and Hash Suite (Wallen, 2012). Ophcrack seems to be the most popular software program being used for password recovery. The software is free, has an open source, fast, and reliable, this explains its popularity. The software uses rainbow tables to crack LM and NTLM hashes at extremely high speeds, even strong passwords against this software stand a chance of being exposed. Cain and Able primarily uses Brute Force and Dictionary LM/NTLM attacks to recovery passwords, going through thousands of letters, numbers and special charters. “Rainbow tables pre-computes the hashes used by passwords, allowing for a speedy password lookup by comparing the hashes it has, instead of computing them from scratch” (Sidel, 2008).

5. Anti-virus software detects Cain and Able as malware. Do you feel that Cain and Able is malware? Why or why not?
Although Cain and Able is used to test and detect vulnerabilities in the network for IT professionals, it is still labeled as malware due to the damage it can cause when being used in an unethical way. The software is obviously used for multi-purposes and can serve as a great tool for administrators to discover and patch security holes in the network. Of course, if Cain and Able was in the hands of a black hat hacker then the intentions of using it would be different.

References
Features overview [Cain and Abel Online User Manual]. Oxid.it. Retrieved from http://www.oxid.it/ca_um/

Gates, C. (2006). Tutorial: Rainbow tables and rainbow crack. The Ethical Hacker Network. Retrieved from http://www.ethicalhacker.net/content/view/94/24

Rouse, M. (2006). Definition brute force cracking. Search security. Para 1. Retrieved from http://searchsecurity.techtarget.com/definition/brute-force-cracking

Rouse, M. (2005). Definition dictionary attack. Search security. Retrieved from http://searchsecurity.techtarget.com/definition/dictionary-attack

Sidel, S. (2008). Ophcrack: Password cracking made easy. SearchSecurity. Retrieved from http://searchsecurity.techtarget.com/tip/Ophcrack-Password-cracking-made-easy

Wallen, J. (2012). Five trustworthy password recovery tools. TechRepublic. Retrieved from http://www.techrepublic.com/blog/five-apps/five-trustworthy-password-recovery-tools/

http://searchsecurity.techtarget.com/definition/MD5

http://www.academia.edu/1416747/Password_Recovery_through_Cain_and_Abel_RainbowCrack_and_the_Vulnerability_of_MD5