Cain & Abel
Cain & Abel is one of the tools able to run a brute force attack against a local Active Directory system, a text file or the SAM (Security Account Manager) database. To run a brute force attack with Cain & Abel, you choose which source of hashes to search and reveal the accounts registered there. There are several approaches to the brute force attack, but basically you need to choose either the LM hash or the NTLM hash approach.
You will see various predefined character sets; these are the characters that will be used in the password combinations. The more characters set for the brute force attack, the longer it takes. There is also a textbox for custom characters if you know specific characters are used. You can also set the minimum and maximum password length to narrow the scope of the attack, which reduces its duration. Another input is Start from, the point where the attack will start.
Cain & Abel works by taking the configured password combination settings, generating candidate passwords one by one, hashing each and comparing it with the registered hash in the SAM database or text file. When the generated hash and the registered hash are identical, the password for that particular account is found.
The configuration should be set to the narrowest scope possible. Brute force attacks tend to spend a lot of time compromising just one password, which is why this configuration is important. In particular, including special characters increases the attack duration substantially.
Brute force attack comparisons
A brute force attack covers more variation in the combinations involved, but it takes a long time to process all possible combinations of the predefined characters. A dictionary attack, on the other hand, has far fewer iterations, so it takes less time to run. A dictionary attack goes through a collection of words and uses these words as passwords.
Both have their advantages and disadvantages, as it mainly depends on how the password is actually structured. However, one of the best ways to crack a password is to use a combination of brute force attack and dictionary attack. The attack creates combinations of commonly used words mixed with a variety of characters, so it meets most password criteria these days, which mostly require a number, an uppercase letter and a special character.
Brute force and dictionary attacks would be considered straightforward types of attack. Another attack is the rainbow table attack. The table consists of pre-calculated hashes and passwords on a large scale. A rainbow table relies on one-way hashing and a reduction function to create the database. An attack that uses a rainbow table requires less computation, as it can start at certain hashes, although the memory required for the database is massive as it contains all possible combinations of passwords.
The weakness of a rainbow table attack is a salted password. The same password will not have the same hash value, because the unique salt added to it creates a unique hash value for that particular password. This creates more of an obstacle for the attacker, who must combine every possible salt value with the password.
In summary, it is quite difficult to point out which one works best for cracking a password blindly. An attacker has a better chance of finding the password by collecting data on the target beforehand. This would include activities like social engineering, phishing or even simple shoulder surfing. With that additional knowledge in hand, the scope of the attack is largely minimized, reducing the time needed for an attack.
A Secure Password
Now that we know various techniques for cracking a password, we can draw some ideas from the attacks to reduce the chance of our passwords being compromised. More variety of characters in a password means it takes the attacker more time to find the password. It is good to mix uppercase and lowercase letters (e.g. eLecTRic). Numbers and special characters are also a great addition to a secure password, and a good password should be at least 12 characters long. These criteria are the minimum requirements for a secure password.
Be wary of using your name, date of birth or address. This information can easily be obtained from various sources, as it is public information we usually share on social media. Be careful about using common words in your passwords, as they are vulnerable to a dictionary attack.
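The criteria above, together with the earlier point that a larger character set and a longer length increase the brute force duration, can be checked in code. This is an added example, not part of the original article; the guess rate, the personal details and the word list are constructed assumptions.

```python
import string

# Character classes named in the article's minimum criteria (ASCII only).
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}
MIN_LENGTH = 12  # minimum length recommended in the article

def classes_used(password):
    """Return the names of the character classes present in the password."""
    return [name for name, chars in CLASSES.items()
            if any(c in chars for c in password)]

def keyspace(password):
    """Candidates an exhaustive search must cover: every string of length
    1..len(password) over the union of the classes the password uses."""
    size = sum(len(CLASSES[name]) for name in classes_used(password))
    return sum(size ** n for n in range(1, len(password) + 1))

def audit(password, personal=(), common=()):
    """List the ways a password misses the article's criteria."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append(f"shorter than {MIN_LENGTH} characters")
    used = classes_used(password)
    findings += [f"no {name} character" for name in CLASSES if name not in used]
    lowered = password.lower()
    findings += [f"contains personal detail '{p}'" for p in personal
                 if p.lower() in lowered]
    findings += [f"contains common word '{w}'" for w in common
                 if w.lower() in lowered]
    return findings

def worst_case_days(password, guesses_per_second):
    """Days to exhaust the keyspace at an assumed, constant guess rate."""
    return keyspace(password) / guesses_per_second / 86400

if __name__ == "__main__":
    RATE = 1e9                         # assumed guesses per second
    PERSONAL = ["alice", "1990"]       # constructed sample data
    COMMON = ["password", "electric"]  # constructed sample word list
    for pw in ["electric", "eLecTRic", "eLecTRic#2-Tgr"]:
        days = worst_case_days(pw, RATE)
        print(f"{pw}: {days:.3g} days, findings: {audit(pw, PERSONAL, COMMON)}")
```

A password can pass every class and length check and still be flagged for containing a common word, which is the dictionary risk described above.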
We know that a randomly generated password would be strong and secure; however, most people would not be able to memorize those kinds of passwords. In my opinion, make a password that meets the minimum requirements above and, in addition, add a little twist to it. I’m quite sure you will use some kind of name or words that are easily remembered. Adding a typo or wrong spelling in the password would definitely reduce the risk of getting compromised, as it is secured from dictionary attacks. You could also combine the first 2 or 3 letters from several words together to make a good password.
Besides all of these password-making methods, an important aspect of passwords is adding salt. Salt is an important security measure so that the hash values cannot be compared with a rainbow table.
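The effect of a salt on precomputed hashes, described here and in the rainbow table discussion above, is shown in the following added example (not part of the original article). A plain lookup dictionary stands in for a rainbow table, and the word list, the SHA-256 and PBKDF2 choices and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; tune for your own hardware

def unsalted_hash(password):
    """Plain, unsalted digest: the storage scheme a precomputed table targets."""
    return hashlib.sha256(password.encode()).hexdigest()

def build_table(words):
    """Precomputed hash -> password lookup, standing in for a rainbow table."""
    return {unsalted_hash(w): w for w in words}

def hash_password(password, salt=None):
    """Return (salt, key); a fresh random salt is drawn for each new account."""
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key

def verify_password(password, salt, key):
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, key)

if __name__ == "__main__":
    table = build_table(["letmein", "electric"])  # constructed word list

    # Unsalted: two accounts with the same password store the same value,
    # and that value is already present in the precomputed table.
    stored = unsalted_hash("electric")
    print("unsalted lookup:", table.get(stored))

    # Salted: the same password gives a different stored value per account,
    # so one precomputed table no longer matches either of them.
    salt_a, key_a = hash_password("electric")
    salt_b, key_b = hash_password("electric")
    print("salted values equal:", key_a == key_b)
    print("salted lookup:", table.get(key_a.hex()))
    print("login still works:", verify_password("electric", salt_a, key_a))
```

The salt is stored next to the derived key; it does not need to be secret, only unique per account.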