I’ve been aiming to test Cain & Abel on Windows Vista since Vista came out almost a year ago. Although Cain & Abel must be started in elevated mode, many of the key features don’t work, as I suspected might be the case. Protected Storage, RDP, and Credential Dumper didn’t work, although a local LSAdump of custom service account passwords and wireless preshared keys and hashes did. I couldn’t get any of the man-in-the-middle attacks to work, and none of the tools for sniffing passwords off the network provided any usable data.
I was happy to see that the local password hash dump only discovered the harder-to-crack NT hashes with no super vulnerable LM hashes available. This reflects Microsoft’s decision to finally disable LM password hashes by default in Vista, a decision overdue by at least five years.
Some security administrators ask me why I promote the use of tools like Cain & Abel that make hacking so easy. Shouldn't I be afraid of putting dangerous tools into the hands of the script kiddies? My reply is always the same: Hackers don’t need Cain & Abel. They can do what they need to do without the easy-to-use GUIs. Cain & Abel is for the rest of us to make hacking easier to demonstrate. One good Cain & Abel demo to management can say more than a hundred computer security articles. And besides, most malicious hacking today is done by professional criminals … and they don’t use Cain & Abel either.
I often encourage system administrators to run Cain & Abel, with appropriate permission of course, to ferret out weak and plain text passwords on their own local system and on their networks. Most first-time users are surprised to find that plain text passwords abound on networks they believed were relatively secure.
Who am I kidding? Every system administrator I know thinks their network is like Swiss cheese. But Cain & Abel gives you a way to document the problem, and to begin doing something about it.