{
	"id": "b3069a20-f7e1-44a9-895d-125be980ef4b",
	"created_at": "2026-04-06T00:09:43.913764Z",
	"updated_at": "2026-04-10T03:24:29.62442Z",
	"deleted_at": null,
	"sha1_hash": "d8ae1618a8f3f5492dacf25eec3e2fb0032035b4",
	"title": "Cain and Abel (software)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 120767,
	"plain_text": "Cain and Abel (software)\r\nBy Contributors to Wikimedia projects\r\nPublished: 2006-02-27 · Archived: 2026-04-05 14:30:40 UTC\r\nFrom Wikipedia, the free encyclopedia\r\nCain and Abel\r\nA screenshot of Cain and Abel interface.\r\nDeveloper Massimiliano Montoro\r\nStable release 4.9.56 / April 7, 2014; 11 years ago\r\nOperating system Microsoft Windows\r\nType Password cracking/Packet analysis\r\nLicense Freeware\r\nWebsite web.archive.org/web/20190603235413/http://www.oxid.it/cain.html\r\nCain and Abel (often abbreviated to Cain) was a password recovery tool for Microsoft Windows. It could recover\r\nmany kinds of passwords using methods such as network packet sniffing, cracking various password hashes by\r\nusing methods such as dictionary attacks, brute force and cryptanalysis attacks.[1] Cryptanalysis attacks were done\r\nvia rainbow tables which could be generated with the winrtgen.exe program provided with Cain and Abel.[2] Cain\r\nand Abel was maintained by Massimiliano Montoro[3] and Sean Babcock.\r\nWEP cracking\r\nSpeeding up packet capture speed by wireless packet injection\r\nAbility to record VoIP conversations\r\nDecoding scrambled passwords\r\nhttps://en.wikipedia.org/wiki/Cain_and_Abel_(software)\r\nPage 1 of 3\n\nCalculating hashes\r\nTraceroute\r\nRevealing password boxes\r\nUncovering cached passwords\r\nDumping protected storage passwords\r\nARP spoofing\r\nIP to MAC Address resolver\r\nNetwork Password Sniffer\r\nLSA secret dumper\r\nAbility to crack:\r\nLM \u0026 NTLM hashes\r\nNTLMv2 hashes\r\nMicrosoft Cache hashes\r\nMicrosoft Windows PWL files\r\nCisco IOS – MD5 hashes\r\nCisco PIX – MD5 hashes\r\nAPOP – MD5 hashes\r\nCRAM-MD5 MD5 hashes\r\nOSPF – MD5 hashes\r\nRIPv2 MD5 hashes\r\nVRRP – HMAC hashes\r\nVirtual Network Computing (VNC) Triple DES\r\nMD2 hashes\r\nMD4 hashes\r\nMD5 hashes\r\nSHA-1 hashes\r\nSHA-2 hashes\r\nRIPEMD-160 hashes\r\nKerberos 5 hashes\r\nRADIUS shared key hashes\r\nIKE PSK hashes\r\nMSSQL hashes\r\nMySQL hashes\r\nOracle and SIP hashes\r\nStatus with virus scanners\r\n[edit]\r\nSome virus scanners (and browsers, e.g. Google Chrome 20.0.1132.47) detect Cain and Abel as malware.\r\nAvast! detects it as \"Win32:Cain-B [Tool]\" and classifies it as \"Other potentially dangerous program\",[4] while\r\nMicrosoft Security Essentials detects it as \"Win32/Cain!4_9_14\" and classifies it as \"Tool: This program has\r\nhttps://en.wikipedia.org/wiki/Cain_and_Abel_(software)\r\nPage 2 of 3\n\npotentially unwanted behavior.\" Even if Cain's install directory, as well as the word \"Cain\", are added to Avast's\r\nexclude list, the real-time scanner has been known to stop Cain from functioning. However, the latest version of\r\nAvast no longer blocks Cain.\r\nSymantec (the developer of the Norton family of computer security software) identified a buffer overflow\r\nvulnerability in version 4.9.24 that allowed for remote code execution in the event the application was used to\r\nopen a large RDP file, as might occur when using the program to analyze network traffic.[5] The vulnerability had\r\nbeen present in the previous version (4.9.23) as well[6] and was patched in a subsequent release.\r\nBlack-hat hacker\r\nWhite-hat hacker\r\nHacker (computer security)\r\nPassword cracking\r\nAircrack-ng\r\nCrack\r\nDaveGrohl\r\nHashcat\r\nJohn the Ripper\r\nL0phtCrack\r\nOphcrack\r\nRainbowCrack\r\n1. ^ \"How to use Cain and Abel\". Cybrary. Archived from the original on 2024-05-24. Retrieved 2019-08-24.\r\n2. ^ \"ECE 9609/9069: Introduction to Hacking\". Whisper Lab. Archived from the original on 2019-08-24.\r\nRetrieved 2019-08-24.\r\n3. ^ Zorz, Mirko (2009-07-07). \"Q\u0026A: Cain \u0026 Abel, the password recovery tool\". Help Net Security.\r\nArchived from the original on 2024-05-24. Retrieved 2019-08-24.\r\n4. ^ Metev, Denis (2019-07-29). \"What Is Brute-Force And How to Stay Safe?\". Tech Jury. Archived from the\r\noriginal on 2019-08-24. Retrieved 2019-08-24.\r\n5. ^ \"Attack: Massimiliano Montoro Cain \u0026 Abel .rdp File BO: Attack Signature – Symantec Corp\".\r\nSymantec. Archived from the original on March 13, 2014. Retrieved 2019-08-24.\r\n6. ^ \"Massimiliano Montoro Cain \u0026 Abel Malformed '.rdp' File Buffer Overflow Vulnerability\".\r\nwww.securityfocus.com. Archived from the original on 2020-02-28. Retrieved 2019-08-24.\r\nOfficial website (archived)\r\nInterview with Massimiliano Montoro, developer of Cain \u0026 Abel\r\nSource: https://en.wikipedia.org/wiki/Cain_and_Abel_(software)\r\nhttps://en.wikipedia.org/wiki/Cain_and_Abel_(software)\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://en.wikipedia.org/wiki/Cain_and_Abel_(software)"
	],
	"report_names": [
		"Cain_and_Abel_(software)"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434183,
	"ts_updated_at": 1775791469,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/d8ae1618a8f3f5492dacf25eec3e2fb0032035b4.pdf",
		"text": "https://archive.orkl.eu/d8ae1618a8f3f5492dacf25eec3e2fb0032035b4.txt",
		"img": "https://archive.orkl.eu/d8ae1618a8f3f5492dacf25eec3e2fb0032035b4.jpg"
	}
}