1
00:00:00,940 --> 00:00:05,830
So we imported hashes from a text file, and now's the time to crack the passwords.

2
00:00:08,000 --> 00:00:12,470
After selecting the hash file, we can click Next to jump to the next step.

3
00:00:13,450 --> 00:00:16,690
And Cain gets the rows from the file and creates this table.

4
00:00:17,620 --> 00:00:23,590
As you see, there are the users and there are the users' passwords, LM and NTLM hashes.

5
00:00:24,560 --> 00:00:27,860
Select one of them, I'll choose Administrator.

6
00:00:28,430 --> 00:00:33,350
Right-click on the line; under Dictionary Attack, select NTLM Hashes.

7
00:00:34,310 --> 00:00:37,070
So we are in the Dictionary Attack window now.

8
00:00:38,180 --> 00:00:43,850
Dictionary list is empty at the moment, so we have to choose at least one dictionary to perform an

9
00:00:43,850 --> 00:00:44,360
attack.

10
00:00:45,110 --> 00:00:48,710
Right-click on the dictionary table and select Add to list.

11
00:00:49,910 --> 00:00:57,200
Now we need a dictionary. Almost every tool has dictionaries by default, so I want to look at the

12
00:00:57,200 --> 00:01:04,820
Cain folder to see if there is any. Program Files (x86), because Cain is a 32-bit application.

13
00:01:05,600 --> 00:01:06,260
Cain.

14
00:01:07,730 --> 00:01:11,270
Word list. Here, there's a Wordlist.txt file.

15
00:01:11,960 --> 00:01:13,450
So let's look at its contents.

16
00:01:14,070 --> 00:01:15,710
And just a little tip here.

17
00:01:16,040 --> 00:01:22,610
I generally use Notepad++ in Windows systems, which is much more powerful than the original

18
00:01:22,610 --> 00:01:23,180
Notepad.

19
00:01:23,960 --> 00:01:30,140
If you try to open this file with the Windows Notepad app, it may take a few minutes to open the file because

20
00:01:30,140 --> 00:01:31,040
it's a really big one.

21
00:01:32,090 --> 00:01:36,320
So right-click and select Edit with Notepad++.

22
00:01:37,250 --> 00:01:38,720
This is the word list.

23
00:01:39,410 --> 00:01:45,800
If you look at the bottom of the notepad, you'll see that the file is almost three and a half million

24
00:01:46,100 --> 00:01:47,000
lines.

25
00:01:47,630 --> 00:01:55,970
OK, so I want to look at the word one two three four QQQ uppercase Q, which is the password of the

26
00:01:55,970 --> 00:01:57,110
administrator user.

27
00:01:57,800 --> 00:02:00,350
The word list does not contain this word.

28
00:02:01,010 --> 00:02:04,250
If we started the attack with this dictionary, we're just going to fail.

29
00:02:05,060 --> 00:02:07,040
So I want to show you a successful attack.

30
00:02:07,670 --> 00:02:10,510
So therefore I'll just add the word here.

31
00:02:11,630 --> 00:02:16,130
So let me go down a bit because I want to show the speed of the tries as well.

32
00:02:17,240 --> 00:02:18,080
Somewhere here.

33
00:02:18,530 --> 00:02:19,460
So I'll add the word.

34
00:02:21,900 --> 00:02:23,160
Save the file and close.

35
00:02:29,970 --> 00:02:30,960
Now in Cain.

36
00:02:32,070 --> 00:02:35,940
I'll add the Wordlist.txt file as a dictionary.

37
00:02:39,360 --> 00:02:41,640
Now here there are some options.

38
00:02:42,330 --> 00:02:46,500
Most of the password cracking tools, including Cain, have these kinds of options.

39
00:02:47,040 --> 00:02:50,730
Password cracking tools do not just use words as they are.

40
00:02:51,090 --> 00:02:54,570
They are also able to use the words in various forms.

41
00:02:55,020 --> 00:02:59,610
Reverse, double, lowercase, uppercase, adding numbers behind the words, etc.

42
00:03:00,650 --> 00:03:06,710
So we add the dictionary, select the options, and we're ready to launch the attack by clicking the Start

43
00:03:06,710 --> 00:03:07,010
button.

44
00:03:08,120 --> 00:03:09,680
And now the cracking starts.

45
00:03:11,420 --> 00:03:17,480
As you can see in the key rate field, Cain tries more than two million passwords a second.

46
00:03:18,020 --> 00:03:20,840
Now there are three and a half million passwords to try.

47
00:03:21,080 --> 00:03:23,360
But don't forget the options selected.

48
00:03:23,600 --> 00:03:28,970
Every word is tried as is, reversed, doubled, with numbers added, etc.

49
00:03:29,330 --> 00:03:34,010
So there are tens of tries for a single line of the word list.

50
00:03:35,030 --> 00:03:38,870
And here it is, Cain found the password from the hash in seconds.

51
00:03:39,230 --> 00:03:40,190
Well done, Cain.

52
00:03:43,720 --> 00:03:47,320
So in the table, the cracked password values are set by Cain.

53
00:03:47,980 --> 00:03:49,930
And do you see the password?

54
00:03:50,440 --> 00:03:51,490
It's all uppercase.

55
00:03:52,540 --> 00:03:53,890
So let's try another user.

56
00:03:54,700 --> 00:03:57,190
I really don't know the password of this user.

57
00:03:57,490 --> 00:04:00,700
So right-click, Dictionary Attack, NTLM Hashes.

58
00:04:01,120 --> 00:04:03,190
Same dictionary and start.

59
00:04:04,280 --> 00:04:07,220
It makes more than two million tries per second this time.

60
00:04:11,470 --> 00:04:12,520
And the attack's finished.

61
00:04:13,520 --> 00:04:15,650
But we failed this time.

62
00:04:16,640 --> 00:04:19,340
We couldn't find a password with this small of a dictionary.