[ # ] Crack Windows Passwords with Ophcrack

/* Posted April 3rd, 2008 at 8:01am */
/* Filed under Apps, Linux, Mac, Windows */

If you didn’t want to change other users’ passwords on Windows using the method covered in this post because it would have been too obvious, there is a better more subtle way to do it with some good old password cracking software. Now assuming you actually have an account on the computer that you’re going to infiltrate like the hack in the previous post requires, password cracking is a simple matter of installing the right tool: and that would be ophcrack, a freeware, open source password cracker.

Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a GTK+ Graphical User Interface and runs on Windows, Mac OS X (Intel CPU) as well as on Linux.

Basically all you need to know is ophcrack can “recover” 99.9% of alphanumeric passwords in seconds. Get the installer here and launch the application and you’ll get this:

Ophcrack on Windows

Simply click “Launch” and ophcrack will get to work on cracking all the accounts on your machine. As you can see, user peter’s “sp33dyGonz4les” password (seems pretty decent, right?) was no match for the password cracker.

But what if you don’t have an account on the machine? Well, there’s two ways about this. The first thing you can try is simply boot Windows into safe mode and log in as “Administrator” since oftentimes it will have no password. This gains you access to the host and if this is sufficient for your (mis)deeds then you don’t even need ophcrack and I’ve just shown you yet another way to “crack” a Windows machine. But what if you want to crack other users’ passwords since doing so may get you that all-purpose password that your naive victim uses for just about everything. If you can get in on the Administrator account, you can again install Ophcrack and let it work its magic.

If you can’t get through using the first method, there’s one more trick up ophcrack’s sleeve: the Live CD. Burn the ISO to a CD and reboot the machine so that it boots off the CD drive containing the ophcrack Live CD you just burned. Once it gets loaded, you’ll get this screen:

Ophcrack boot screen

Once you proceed (and it may take a while) you’ll be presented with the familiar interface. Simply click “Launch” to launch the attack. Once you get the password, the possibilities are endless. Consider taking a Live CD to work and changing your coworker’s wallpaper to goatse or if you don’t actually hate the guy’s guts the Hoff will do, that would be awesome.

Has this article gotten you sufficiently scared about your own password yet? Well, you should notice that ophcrack works wonders on alphanumeric passwords. Change your own password to include some non-alphanumeric characters like “!” or “&” or simply make sure the length is greater than 15 characters. Despite these limitations, ophcrack is still an effective password cracking tool good enough to hack most Windows accounts. I tried it at home on a few computers and let’s just say nothing was spared.