Password Cracking - An Exercise Using Cain and Abel to Crack User Passwords. The objective of this exercise was to use the various password cracking tools available in the Cain and Abel software application and to determine the efficiency and effectiveness of each technique. The following user accounts were created for testing purposes. The first user account had a relatively easy to break password and the two that followed had slightly more complex password structures. Username Password Character setictest. Lowercase lettersictest. Lowercase letters and numbersictest. Bre@k. 1ng Lowercase letters, uppercase letters, numbers and symbols. Cain & Abel v 2.5 Password Cracking Via ARP Cache Poisoning Attacks v.1 2004 Page 1 of 15. None of the above passwords created were overly complex for the purpose of testing the capabilities of the Cain and Abel software. The results of the lab follow along with addressing the following questions: Explain the two different types of attacks that can be performed in Cain and Abel to crack user account passwords. Which do you think is the most effective and why? Compare and contrast the results from the two methods used to crack the accounts. What conclusions can you make after using these two methods? Research another algorithm used to store passwords that was not discussed here. Include references in APA format.)Research another password recovery software program and provide a thorough discussion of it. Compare and contrast it to Cain and Abel. Include references in APA format.)Anti- virus software detects Cain and Able as malware. Do you feel that Cain and Able is malware? Why or why not? Types of Attacks using Cain and Abel. Two different types of attacks were used in this lab in attempts to break three different Windows usernames, each with a password slightly different in level of sophistication. These types of attacks are known as brute- force and dictionary attacks. Yan (Yan, J, Blackwell, A., Anderson r. Grant, A., 2. 00. Cain and Abel provides the ability to use predefined character sets and define the minimum and maximum password length. The character sets can include a mixture of lowercase letters, uppercase letters, numbers and special symbols. The more complex the character set, the longer it will take the software to run the different combinations during an attack. Dictionary attacks are more refined than brute- force where they don’t simply try all combinations but focus on a list of most likely used words. Pinkas (Pinkas, B. Sander, T., 2. 00. This in effect enables “adversaries to attempt to login to accounts by trying all possible passwords, until they find the correct one.” These forms of attack require access to large compilations of commonly used words usually in the form of a text document. For the lab, we used the default supplied text file wordlist. Cain Abel Crack. 10/6/2015 0 Comments Dec 17, 2012 A look at Cain Abel--a free password cracking and security tool that can come in handy for IT admins. 5) Right.
Files of this nature in real attacks can be upwards of seventy gigabytes in size. Dictionary attacks are potentially more efficient than brute- force methods because they are not blindly attempting all combinations of letters, numbers and symbols, as they are relying on higher probabilities choosing commonly used words and phrases. Contrasting the Lab Results. During the lab exercise both brute- force and dictionary attacks were used in attempts to crack the passwords of the three test accounts. The results of these attempts follow: User 1: ictest. A brute- force attack was attempted on ictest. The settings used for this attack included the default lowercase letter character set and a maximum number of password letters set to seven. The brute- force attack succeeded in recovering the password ‘testing’ in just over four minutes. When the character sets were adjusted to more complex combinations including upper case letters, numbers and symbols it was noted that the estimated time for completion jumped significantly. In the default state of using a brute- force attack on a 1. Next a dictionary attempt was made on ictest. Using the default wordlist dictionary, this attack took just under 1. Both methods succeeded during this test, however clearly the winner in efficiency was the dictionary method of attack. User 2: ictest. 2 / break. The next test involved a slightly more complicated password which included a mix of letters and numbers. During this test the brute- force attack estimated a completion of three days using the more advanced character set including lowercase letters and numbers as well as seven maximum characters. This test was stopped after five minutes. The dictionary attack again successfully cracked the password in a matter of seconds using the wordlist file, proving once again to be the winner in this scenario. User 3: ictest. 3 / Bre@k. During the third test neither methods of attack successfully recovered the password. The brute- force method used the more complex character set including lowercase letters, uppercase letters, numbers and symbols. It estimated 2. The dictionary attack concluded after twenty seconds of reviewing the entire wordlist. Concluding Thoughts. In terms of efficiency the dictionary method of attack was proven to be the winner during these basic tests. While the brute- force method certainly took much longer to complete, it did prove to be successful during the first test and given enough time for the subsequent tests, it may have proven to successfully retrieve the passwords of the second and third users. The dictionary attack is only as good as the file it feeds from, in this case a three megabyte text file was the base of its attack, which was successful for the first two accounts. Given a larger more sophisticated dictionary file to feed from, this method of attack could be potentially the most efficient and effective means of extracting passwords. While the brute- force method did prove to be much slower, if it had the opportunity to sit in the background without being noticed, over time it could eventually succeed. In conclusion, for the purpose of these small lab tests, the dictionary attack proved to be the most efficient and effective. MD5. MD5, which stands for Message- Digest algorithm 5 is a widely used algorithm for encrypting passwords used in software applications. It has become a popular specification in many widely used web application programs such as Internet bulletin board software, Content Management Systems (CMS) and general user authentication tools. Sasaki (Sasaki, Y., Yamamoto, G & Aoki, K., 2. MD5 as “hash function with Merkle- Damg°ard structure, which takes an arbitrary length message M as input, and outputs 1. H(M).” These hash values are the values that are stored in the database instead of plain text passwords. While MD5 has been around for a long time and is still used in many systems today, it has come under a lot of criticism in recent years due to vulnerabilities in the algorithm. In his paper, ‘MD5 to be considered harmful someday,’ Kaminsky (2. MD5 with regards to its weaknesses and many recommend using newer algorithms such as SHA- 2 (Secure Hash Algorithm). As the security industry continues in advancements towards more secure algorithms, more weaknesses and vulnerabilities will no doubt be discovered over time so it is very likely that we will see many more ways of storing passwords through the use of algorithms in the future. Ophcrack. During the lab test, two methods of attack were used in an effort to discover the passwords from the test accounts, brute- force and dictionary. A third method known as cryptanalysis, which is also supported in Cain and Abel wasn’t used in the lab tests described earlier. The cryptanalysis approach, like the dictionary method, also relies on a data file in order to carry out its attack. In the case of cryptanalysis, a file known as a rainbow table is used instead of a basic dictionary file. These rainbow tables according to Vacca (2.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2017
Categories |