Cain & Abel - Step 5: Brute Force Attack
A free video tutorial from Muharrem AYDIN
Computer Engineer, Ethical Hacking, Cyber Security Expert
44 courses
150,063 students
Lecture description
Password cracking using Cain & Abel, Brute Force attack with Cain and Abel in ethical hacking
Learn more from the full course
Ethical Hacking with Metasploit: Exploit & Post Exploit
Learn Ethical Hacking from scratch with Metasploit, exploit vulnerabilities and become a white hat hacker | Ethical 2022
04:50:03 of on-demand video • Updated June 2025
Ethical hacking involves a hacker agreeing with an organization or individual who authorizes the hacker to levy cyber attacks on a system.
Becoming an ethical hacker involves learning at least one programming language and having a working knowledge of other common languages like Python, SQL, C++
Ethical hacking is legal because the hacker has full, expressed permission to test the vulnerabilities of a system
Many hackers use the Linux operating system (OS) because Linux is a free and open-source OS, meaning that anyone can modify it. It’s easy to access.
The Certified Ethical Hacker (CEH) certification exam supports and tests the knowledge of auditors, security officers, site administrators, security.
Passing the Certified Information Security Manager (CISM) exam indicates that the credentialed individual is an expert in the governance of information security
The different types of hackers include white hat hackers who are ethical hackers and are authorized to hack systems, black hat hackers who are cybercriminals.
You will become an expert in using Metasploit for ethical hacking and network security.
Set up a lab environment to practice hacking
Install Kali Linux - a penetration testing operating system
Install Windows & vulnerable operating systems as virtual machines for testing
Learn Linux commands and how to interact with the terminal
Discover vulnerable applications
Vulnerability scanning, Exploit, Post Exploit, Payload
Gain control over computer systems using server side attacks
Exploit vulnerabilities to gain control over systems
Gathering password hashes, cracking passwords, taking screenshots, logging keystrokes etc.
Using backdoors to persist on the victim machine
The very latest up-to-date information and methods
During the course you will learn both the theory and how to step by step setup each method
Social Engineering Toolkit (SET) for Phishing
ethical hacking
cyber security
android hacking
hacking
Ethical Intelligence
Ethical Hacker
metasploit
password cracking
penetration testing
ethical hacking and penetration testing in oak academy
English [Auto]
So in the previous lecture we couldn't crack the password of the user cyber lab. So let's try to crack it with the brute force attack. Brute force attack needs a lot of time because it tries all the possibilities. So if you choose the correct character set, the success rate of cracking a password by brute force attack is theoretically 100%. But how long will it take? If the password length is more than eight, it will take months, years, or thousands of years to try all the password possibilities for any ordinary computer. So as you see in the table, the LM password is not empty for cyberlab. A tip here. The hash of an empty password starts with a D and ends with four e. Look at the LM hash of the guest user. Split the hash into two identical parts. You'll see two hashes that start with AAD and end with four E. As I mentioned before, the LM method splits the password into two seven character passwords and then takes the hash, which means we have to crack two seven character passwords. Well fair enough. LM method converts the password to all caps, so the character set is not so big. We can crack an LM hash in an acceptable time interval. So right click on the cyber lab line. In brute force attack, select LM hashes. The brute force attack window is a bit different from the dictionary attack window. It has expected no dictionary list now. Instead we have a character set combo box. The default character set are just uppercase letters and numbers. No alphanumeric characters in the set. So to keep the demo fast, let's just go with this set. It says two hashes loaded. And as you know, the hash value is split into two identical parts. On the upper right hand corner, we can choose the minimum and the maximum length of the passwords for lm method. Max length for the password is seven, so this configuration is perfect. Now I press the start button to start the attack. Wow. It found the value of one of the hashes in milliseconds. So let's look at the hash file. Yeah, it's the second part. So that means that the password ends with q. I think the password of the cyber lab user is the same with the passwords of the administrator, except the dot at the end, but we'll see. So let's look at the key rate. Kane tries more than 10 million passwords in a second. Now that's pretty fast. In the time left frame, we can see that the trying all possible passwords will take about two hours unless Kane cracks it. So let the Kane run for a while. All right, and we're back. It took more than an hour. And here's the result. We're lucky because no alphanumeric character is in the password, and we succeeded to crack it. The first part is 1234 cu cu cu.