Project 18: Cracking Windows Passwords with Cain and Abel (10 Points)

What You Need for This Project

What You Need

Disabling Password Complexity

If you are using Windows Server 2008, you need to disable Password complexity. If you are using a client version of Windows such as Windows 10 you do not need to do this.

Click Start and type in

secpol.msc
When it finds the program, as shown below, press Enter.

In Local Security Policy, in the left pane, click the + sign to expand "Account Policies", as shown below.

In the left pane, click "Password Policy".

In the right pane, double-click "Password must meet complexity requirements".

In the "Password must meet complexity requirements Properties" box, click Disabled, as shown below.

Then click OK.

Creating Passwords to Crack

Click Start, type in CMD and press Shift+Ctrl+Enter. If a "User Account Control" box appears, click Yes.

In the Administrator Command Prompt window, execute these commands:

net user p3 abc /add
net user p5 abcde /add
net user p7 abcdefg /add
Those commands create three new users on the system.

Downloading Cain & Abel

If you are working at home: If that site is blocked, which it now is at CCSF, use this alternate download link:
proj10/ca_setup-4-9-56.7z
Unzip the downloaded file with 7-Zip, using the password sam

If you don't have 7-Zip, get it here:

http://www.7-zip.org/

Installing Cain & Abel

Double-click the installer. Install the software with the default options. It will install WinPCap as well as Cain & Abel.

Displaying the Password Hashes

Click Start, type in CAIN. Right-click Cain in the results and click "Run as Administrator".

If a "User Account Control" box appears, click Yes.

In the Cain window, at the top, click the Cracker tab. Move the mouse to the center right, where a blank white pane appears with a gray grid.

Right-click and click "Add to list". In the "Add NT Hashes from" box, click Next.

The password hashes appear, as shown in the figure below. The LM hashes will all be the same if you are using Windows Vista or later, but the NT hash contains the password information.

Cracking Passwords

In the right pane, right-click p3, point to "Brute-Force Attack", and click "NTLM Hashes", as shown below on this page. Note: we are cracking the NTLM hashes, not the old, weak LM hashes. The NTLM hashes are much more difficult to crack, so it will only work for short passwords.

In the "Brute-Force Attack" box, click the Start button. It should find the three-letter password immediately. Close the "Brute-Force Attack" box.

In the right pane, right-click p5, point to "Brute-Force Attack", and click "NTLM Hashes".

In the "Brute-Force Attack" box, click the Start button. It should find the five-letter password within a few seconds. Close the "Brute-Force Attack" box.

In the right pane, right-click p7, point to "Brute-Force Attack", and click "NTLM Hashes".

In the "Brute-Force Attack" box, click the Start button. The seven-letter password is hard to crack, however– no answer appears immediately. It might take a long time to crack, so we'll give up. Click the Stop button. Click the Exit button.

You should see the two passwords you found, abc and abcde, in the NT Password column of the Cain window, as shown below.

Saving a Screen Image

Make sure your screen shows the found passwords abc and abcde.

Press the PrintScrn key in the upper-right portion of the keyboard. That will copy the whole desktop to the clipboard.

YOU MUST SUBMIT A FULL-SCREEN IMAGE TO GET FULL CREDIT!

Open Paint and paste in the image.

Save the image with the filename "Your Name Proj 18". Use your real name, not the literal text "Your Name".

Turning in your Project

Email the images to cnit.123@gmail.com with the subject line: Proj 18 from YOUR NAME


Last Modified: 11-9-16 8 pm