1
00:00:00,910 --> 00:00:05,860
‫So we imported hashas from a text file and now the time to crack the passwords.

2
00:00:07,970 --> 00:00:12,500
‫After selecting the hash file, we can click next to jump to the next step.

3
00:00:13,420 --> 00:00:16,690
‫And Kane gets the rose from the file and creates his table.

4
00:00:17,590 --> 00:00:23,620
‫As you see, there are the users and there are the users passwords, elim and until hashes.

5
00:00:24,500 --> 00:00:31,450
‫Select one of them, I'll choose administrator, right, click on the line under a dictionary, attack,

6
00:00:31,460 --> 00:00:33,380
‫select and TLM hashes.

7
00:00:34,310 --> 00:00:37,090
‫So we are in the dictionary attack windows now.

8
00:00:38,150 --> 00:00:43,850
‫Dictionary list is empty at the moment, so we have to choose at least one dictionary to perform an

9
00:00:43,850 --> 00:00:45,410
‫attack, right.

10
00:00:45,410 --> 00:00:48,710
‫Click on the dictionary table and select add to list.

11
00:00:49,880 --> 00:00:57,200
‫Now we need a dictionary, almost every tool has dictionaries by default, so I want to look at the

12
00:00:57,200 --> 00:01:06,290
‫Cain folder to see if there is any program files x Eighty-six because Cain is a 32 bit application Cain.

13
00:01:07,730 --> 00:01:15,700
‫Wordlist here, there's a wordlist text file, so let's look at its contents and just a little tip here.

14
00:01:16,010 --> 00:01:22,640
‫I generally use notepad plus plus and Windows Systems, which is much more powerful than the original

15
00:01:22,640 --> 00:01:23,200
‫notepad.

16
00:01:23,930 --> 00:01:30,170
‫If you try to open this file with Windows notepad app, it may take a few minutes to open the file because

17
00:01:30,170 --> 00:01:31,040
‫it's a really big one.

18
00:01:32,060 --> 00:01:33,110
‫So right.

19
00:01:33,110 --> 00:01:34,310
‫Click and select.

20
00:01:34,460 --> 00:01:35,930
‫Edit with notepad plus.

21
00:01:35,930 --> 00:01:38,750
‫Plus this is the word list.

22
00:01:39,410 --> 00:01:45,800
‫If you look at the bottom of the notepad, you'll see that the file is almost three and a half million

23
00:01:46,130 --> 00:01:47,030
‫lines.

24
00:01:47,630 --> 00:01:54,350
‫OK, so I want to look at the word one, two, three, four QQQ uppercase.

25
00:01:54,350 --> 00:01:57,110
‫Q which is the password of the administrator user.

26
00:01:57,800 --> 00:02:00,380
‫The word list does not contain this word.

27
00:02:00,980 --> 00:02:04,260
‫If we started the attack with this dictionary, we're just going to fail.

28
00:02:05,030 --> 00:02:07,070
‫So I want to show you a successful attack.

29
00:02:07,700 --> 00:02:10,520
‫So therefore I'll just add the word here.

30
00:02:11,600 --> 00:02:18,800
‫So let me go down a bit, because I want to show the speed of the trials as well somewhere here, so

31
00:02:18,800 --> 00:02:19,490
‫I'll add the word.

32
00:02:21,870 --> 00:02:23,190
‫Save the file and close.

33
00:02:29,970 --> 00:02:30,990
‫Now in Caen.

34
00:02:32,040 --> 00:02:35,970
‫I'll add the word text file as a dictionary.

35
00:02:39,360 --> 00:02:45,720
‫Now, here there are some options, most of the password cracking tools, including Cain, have these

36
00:02:45,720 --> 00:02:46,530
‫kinds of options.

37
00:02:47,040 --> 00:02:50,730
‫Password cracking tools do not just use words as they are.

38
00:02:51,090 --> 00:02:57,990
‫They are also able to use the words in various forms, reverse, double lowercase, uppercase, adding

39
00:02:57,990 --> 00:02:59,640
‫no behind the words, etc..

40
00:03:00,620 --> 00:03:06,740
‫So we had the dictionary select the options and we're ready to launch the attack by clicking the start

41
00:03:06,740 --> 00:03:07,040
‫button.

42
00:03:08,090 --> 00:03:09,710
‫And now the cracking starts.

43
00:03:11,400 --> 00:03:17,490
‫As you can see in the key rate field, Kane tries more than two million passwords a second.

44
00:03:17,990 --> 00:03:23,390
‫Now there are three and a half million passwords to try, but don't forget the options selected.

45
00:03:23,600 --> 00:03:28,970
‫Every word is tried, as is reverse, double numbers added, et cetera.

46
00:03:29,330 --> 00:03:34,030
‫So there are tens of tries for a single line of the word list.

47
00:03:35,000 --> 00:03:38,870
‫And here it is, Cain found the password from the hash in seconds.

48
00:03:39,230 --> 00:03:40,220
‫Well done, Cain.

49
00:03:43,720 --> 00:03:49,960
‫So in the table, the cracked password values are set by Cain, and do you see the password?

50
00:03:50,440 --> 00:03:51,520
‫It's all uppercase.

51
00:03:52,530 --> 00:03:53,900
‫So let's try another user.

52
00:03:54,640 --> 00:03:57,220
‫I really don't know the password of this user.

53
00:03:57,460 --> 00:03:58,000
‫So right.

54
00:03:58,000 --> 00:04:03,190
‫Click Dictionary attack and TLM hashes same dictionary and start.

55
00:04:04,250 --> 00:04:07,220
‫It makes more than two million tries per second this time.

56
00:04:11,440 --> 00:04:12,550
‫And the attacks finished.

57
00:04:13,520 --> 00:04:19,340
‫But we failed this time, we couldn't find the password with this small of a dictionary.