As far as password recovery utilities go, Cain & Abel is by far one of the best out there. It’s designed to run on Microsoft Windows 2000/XP/Vista but has methods to recover passwords for other systems. It is able to find passwords in the local cache, decode scrambled passwords, find wireless network keys or use brute-force and dictionary attacks. For recovering passwords on other systems Cain & Abel has the ability to sniff the local network for passwords transmitted via HTTP/HTTPS, POP3, IMAP, SMTP and much more. We think it is quite possibly one of the best utilities to have as a system administrator, and definitely a must have for your toolbox.
71 thoughts on “Cain And Abel: Windows Password Recovery Utility”
I think it’s a great application, however my virus scanner goes berserk every time I run it, which means I have to turn it off and that’s something I don’t like.
I know another two great ways!
If you have a bootable CD/USB drive,some password tools can be burn to it and you can boot your computer from USB to run the software, so that you can recover Windows password such as Windows 8/7/vista/xp/2008/2003/2000 password from USB.
Such as Windows Password Rescuer, Offline NT Password, here I just list the simple steps:
Step 1: Download Windows Password Rescuer/Offline NT Password Editor
Step 2: Run it to burn to bootable CD/DVD or USB flash drive
Step 3: BIOS setting of your locked computer to boot form CD or USB
Step 4: Recover Windows password after the software starts.
Here I just show you how to reset Windows 7/Vista password with CMD. Key steps:
Step 1: Logon your Windows as administrator(You also can logon Safe Mode with Command Prompt, pressing F8 when restart your computer, hit up/down key to choose Safe Mode with Command Prompt and hit Enter).
Step 2: Click on Start, type cmd in the Run box or Search box and press Enter.
Step 3: Type net user, all user accounts of your computer will be listed.
Step 4: Type net user “UserName” “NewPassword”(replace UerName and NewPassword with yours), press Enter, then the password will be reset as new one and you can logon Windows 7/Vista with it. You also can use a program base on CMD.
I feel like 1998 just punched me in the face.
I shouldn’t encourage you, but I almost shot coffee out of my nose when I read your comment.
I get that feeling every time i look at the site.I guess thats just what its all about.
That’s what i’m calling news ;)
Erm no okay. I know there are people out there who dont know software like this even if it’s old.
New serious people: Use this as a !password recovery tool!
Other new people: If u are teh 1337 h4x0r then u5 d4 t001 4nd u w!11 b3 d4 k!n6 0f 411 1337 h4x0rx!!! !mpre55 411 ur m473s with d0!n6 n0th!n 8u7 4 c1!ck.
Now at hackaday, discover the newest password cracking tool called “John The Ripper”.
Don’t forget, some of the easiest to use arp spoofing tools for sniffing traffic on switched networks…
You might want to be careful leaving this lying around on your work laptop. It is most certainly a hacking tool. If anything exciting goes down and they find this on your laptop, fingers may be pointed.
Since this story is pretty good to make a general statement… there are capital letters here. Awesome! When did that happen?
I’ve used this tools when Abel was still a RAT. Ahh the good old days. The comments on how old it is made me LOL.
Stealthmonkey, the leet…. it buuuuurns us!
But seriously, when did HaD-9000 start doing retro posts?
HA! That made my morning :)
Nether the less it’s still a better program than the one I was currently using :P
Horray! Behold my correctly capitalised prose. Tremble in fear as ambiguous cases are crushed beneath my might shift key.
i dont get it. its been available for years, why now?
@Thedudefrommiamivice & @Decius
For real. I mean, I remember fucking around with this nigh on a decade ago. I’m too lazy to click on the link. Please tell me there is at least a new release and not just providing fodder for script kiddies too lazy to google this.
It does not say how i run this on my arduino?
oooh, oooh, I’m soo cool. I’m soo cooler than everyone else. Like. So. Totally. Like. Awesome. Yah, haww! I mean. For real. Ya know?
This is the same program I used in 10th grade to crack my teacher’s passwords on the NT box’s they logged into.
I remember laughing when my English teacher’s password was ‘book’
I’m happy to see its still being updated after all this time.
I think a google search would have been more appropriate than an article on hackaday.com .
What’s up with all the crappy comments. Yeah, it may not be the newest tool to use but for new ppl I think it’s good.
I love this stuff. I have a couple of master keys and some bump keys. Being able to enter almost any room makes you feel so empowered. So does this program.
Now remember: With great power comes great responsibility.
should i be worryed if i can read the lower part of your post….
also ophcrack is a good windows password cracking utility….
Back Orifice 2000 FTW
OMG just like netbus and sub7 :)
If you want an easy-to-use version of this for login passwords, try this:
It’s basicly the same, but is all automated, and will work much faster than C&A on a single computer. As an added bonus, you don’t have to download large liveCD’s or fiddle with moving a hard disk to another computer to get the password from it.
Downside is it costs $$$, but you get what you pay for.
It’s old but it works and is still maintained. Whatever became of their client for Windows Mobile?
@zetsway – Until a certain level of brain development, children believe any knowledge they have, everyone else also has. The dissonance introduced to such an immature system, when exposed to information they’ve already received but is presented as news, causes all higher-level cerebral function to halt completely, resulting in the comments you observed.
Symantec found Trojan
Main Entry: news
Pronunciation: \ˈnüz, ˈnyüz\
Function: noun plural but singular in construction
Usage: often attributive
Date: 15th century
1 a : a report of recent events b : previously unknown information c : something having a specified influence or effect
2 a : material reported in a newspaper or news periodical or on a newscast b : matter that is newsworthy
C&A hardly meets the definition. Or should the users of this site stand by and allow the site to delve into mediocrity, maybe its already there. I was under the impression this site was for hackers. Not sure about you but wouldn’t a hacker be in possesion of even the most basic of skills such as using google. Now if cain and able had a feature added to it that allowed it to do something new and impressive then I would be all for the post but it doesn’t.
Hey guys we added wep cracking…… what do you mean the simpsons have already done it?
Oh and if the site was continually cluttered with information that someone new to the “scene” didn’t know it would become pretty pointless. There is always going to be people who don’t know about , thats why search engines exist. Give me something new, something that hasn’t been seen before, I dunno maybe a hack. What an odd concept eh?
you sir made my evening
this is by far the greatest program! i have used it for years!!
i believe the reason antivirus apps flag c&a is because part of the installation provides a back door to other c&a users on the network. hence the name. a tool that also betrays you…
i used to have a little batch script that would move the offending file out of the system folder and back again. i think it was a .dll, can’t remember cause its been years ha
this is now on here epic fail this prog is OLLLLDDDD
i have known about this for a few years lol…but its still a decent program
SO I JUST FOUND THIS NEW INVENTION ITS CALLED THE NINTENDO ENTERTAINMENT SYSTEM I CANT WAIT TO PLAY PONG ON ITS EPIC GAME CARTRIDGES!
I agree with what you saying but there is no need to dis the site. Maybe HAD just found out about C&A. Who knows??
Maybe if ppl stop complaining about articles on arduino we wouldn’t have articles like this.
HaHaHa Back in high school I had this on a floppy disk……
Yeah, this is very retro. It’s probably worth noting that l0phtcrack 6 is also available for password cracking^W “recover.” And that actually IS new and updated software. Though it doesn’t have the handy dandy MITM features Cain does, it’s better.
LC6. Better. Srsly.
Jebas hackaday… The site is called “Hackaday” not, “it was a slow news day so here’s a write up on a program that even me, without hardly a clue in the world about password cracking, heard about YEARS ago.”
I used to defend this site from the nay-sayers who would claim this site is going down the tubes, but my god I was wrong… RIP Hackaday I knew and loved. Welcome shitty engadet clone…
Sad sad stuff, and just after eliot left too
I wouldn’t touch this. Virus scanner seems to go crazy. I also have no way to bypass the virus scanner. It’s on a server that I don’t have access to.
Well, since the “Abel” component is essentially a backdoor service, I wouldn’t be surprised that antivirus programs flag it.
I have installed it on my arduino, great program.
YUP if you remove the able.exe from the directory youre virus scanner schould be content,
Youre chery list is tires old hacker bullshit
@rmf C&A actually is updated as well, he releases updates almost monthly.
As far as people being unhappy about seeing hacking “non-news”, maybe hackaday needs to add some content silently, so that it doesn’t show up on the main page, but so that it shows up on the appropriate category.
Muu haa haaaaa my wonderful toys :) i love them so because the data tells me so
I never was able to get ARP poisoning to work. It just did… nothing. Every time I tried.
if you think system admins actually need this utility, that is an epic fail because a system admin you are not. this tool has only one use and it’s not an honest use in any sense of the word.
i’ve been a sysadmin for over 10 years and i’ve never needed a password recovery tool. if you need to recover data, there’s a lot of tools for that that don’t require hacking the system. if you’re user loses their password, just reset it on the domain and be done with it. if you don’t have a domain, reinstall (no whining about how much easier is to use this tool to compromise your system – security takes precedence over convenience). it’s not the end of the world, people.
A few years back I was contracted by a company who fired their admin and he had locked everything down really tightly. Reinstalling everything wasn’t an option as there was a ton of data that needed to be saved (and backups were locked on the servers as well). Using this and a couple other tools helped break everything to save the data, after which the systems were wiped clean.
So does this mean I can finally recover the passwords to my old porn archives?
Long time ago , I was confronted with the password problem. Finally , my friend Jane introduce the Windows password Reset.It helps me access windows. http://www.resetwindowspassword.com
Compare to many password recovery solutions. Windows password unlocker is highly recommended.
1.Download Windows Password Unlocker from Password Unlocker Official site http://sn.im/wpu
2.Decompress the Windows password unlocker and note that there is an .ISO image file. Burn the image file onto an blank CD with the burner freely supported by Password Unlocker.
3.Insert the newly created CD into the locked computer and re-boot it from the CD drive.
4.After launched the CD, a window pop up with all your account names(if you have several accounts); select one of the accounts that you have forgotten its password to reset it. Just one press, you have removed the password.
what about kon-boot ?
you can load it up on to USB stick.
login as adminstrator , sniff around.
admin has the blame ^_^
also usefull if you forgot your password :)
Please be kind and respectful to help make the comments section excellent. (Comment Policy)