How to Carve Saved Passwords Using Cain
I've previously mentioned how saving browser passwords is a bad idea, but I never went into much detail as to why. Passwords saved in your browser can be carved out and stolen very easily. In fact, even the passwords you save for instant messaging and Wi-Fi are vulnerable. Windows handles password storage poorly: it doesn't keep them in key vaults, nor does it encrypt them. You're left with passwords sitting in memory and on disk in unencrypted form.
Linux does better here with password wallets, key vaults and the like. It stores your passwords for programs and browsers in a small encrypted location on your hard drive, so they cannot be stolen. This isn't entirely Windows' fault: the programs themselves could store passwords more securely, but most of the time they choose not to.
In this Null Byte, we use Cain & Abel to carve out saved browser passwords. Watch the video demo below, then scroll down for the written instructions.
- Go to oxid.it and download Cain.
- Install Cain by clicking Next > Next > Next > Next > Finish > Install.
- With Cain open, click the "+" symbol in the toolbar to dump the passwords in each category, and see which of your passwords have been saved, and thus revealed.
- Log in to a site that saves passwords.
- Expose them with Firefox's new built-in tool.
- STOP SAVING YOUR PASSWORDS.
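A defender-side check on the point above, added here as an example and not part of the original post or of Cain: it reads the Firefox profile's logins.json and lists which sites have saved credentials, when each was last used, and how the entry is sealed (encType), without decrypting anything. The profile paths are assumed defaults, and the embedded JSON is a constructed sample with placeholder ciphertext.

```python
"""Inventory what Firefox has saved in logins.json, without decrypting anything."""
import json
import os
from datetime import datetime, timezone
from pathlib import Path

# Constructed sample in the field layout Firefox uses for logins.json; every value is
# made up and the encrypted fields are placeholders, not real NSS ciphertext.
SAMPLE_LOGINS_JSON = json.dumps({"nextId": 3, "version": 3, "logins": [
    {"id": 1, "hostname": "https://mail.example.com", "encType": 1,
     "encryptedUsername": "PLACEHOLDER==", "encryptedPassword": "PLACEHOLDER==",
     "timeCreated": 1600000000000, "timeLastUsed": 1600000000000, "timesUsed": 12},
    {"id": 2, "hostname": "https://bank.example.net", "encType": 1,
     "encryptedUsername": "PLACEHOLDER==", "encryptedPassword": "PLACEHOLDER==",
     "timeCreated": 1609459200000, "timeLastUsed": 1609459200000, "timesUsed": 3},
]})

def summarize_logins(text):
    """One record per saved login: site, last-used date (UTC), use count and encType.

    encType 1 means the secret is sealed with the profile key held in key4.db; that key
    is only itself password-protected when the user has set a primary password.
    """
    records = []
    for entry in json.loads(text).get("logins", []):
        last_used = datetime.fromtimestamp(entry["timeLastUsed"] / 1000, tz=timezone.utc)
        records.append({"site": entry["hostname"],
                        "last_used": last_used.date().isoformat(),
                        "times_used": entry["timesUsed"],
                        "enc_type": entry["encType"]})
    return records

def find_profile_login_files():
    """Locate logins.json under the usual Firefox profile roots (assumed default paths)."""
    roots = [
        Path(os.environ.get("APPDATA", "")) / "Mozilla" / "Firefox" / "Profiles",  # Windows
        Path.home() / "Library" / "Application Support" / "Firefox" / "Profiles",   # macOS
        Path.home() / ".mozilla" / "firefox",                                        # Linux
    ]
    return [p for root in roots if root.is_dir() for p in root.glob("*/logins.json")]

if __name__ == "__main__":
    files = find_profile_login_files()
    if not files:
        print("No Firefox profile found; showing the constructed sample instead.")
    for text in [p.read_text(encoding="utf-8") for p in files] or [SAMPLE_LOGINS_JSON]:
        for r in summarize_logins(text):
            print(f"{r['site']:<30} last used {r['last_used']}  "
                  f"used {r['times_used']}x  encType {r['enc_type']}")
```

Entries you no longer need can be removed in Firefox's saved-logins manager, and setting a primary password means key4.db is no longer usable as-is by anything that can read the profile directory.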
If you have a question, come to IRC and ask; I idle there 24/7.