What is ophcrack?Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
- » Runs on Windows, Linux/Unix, Mac OS X, ...
- » Cracks LM and NTLM hashes.
- » Free tables available for Windows XP and Vista.
- » Brute-force module for simple passwords.
- » Audit mode and CSV export.
- » Real-time graphs to analyze the passwords.
- » LiveCD available to simplify the cracking.
- » Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
- » Free and open source software (GPL).
1. Download the Ophcrack software here; http://ophcrack.sourceforge.net/
2. After that then Ophcrack burned as a bootable CD disk. This CD will be used as a bootable CD which I will explain its use below.
Here are the steps using Ophcrack :
1. Restart your computer and set the CD / DVD drive as first boot.2. Enter the Ophcrack Live CD you just burned earlier. Ophcrack LiveCD will soon begin the boot process, as shown in the following step.
3. You do not need to do anything in the image above. Ophcrack LiveCD will continue automatically and after boot Automatic in a few seconds the following screen will appear;
4. Line of text above is a command details in preparation for filling Ophcrack LiveCD software program that will recover passwords encrypted on your hard drive.
5. The figure shows the Ophcrack LiveCD boot process. It may appear and disappear so quickly that you may hard to read. This message simply confirms that an encrypted partition with password information in it has been found on the hard drive. Location of the password is generally in the C: / Windows/System32/config. That is good news! The next window will appear as follows;
6. The screen above is a full view of software Ophcrack LiveCD. Ophcrack will try to recover passwords of all user accounts found on your computer. This is where the process of password cracking run automatically.
7. It is important here is to please observe the accounts listed in User column (column 1) and password that is listed in NT Pwd column (column 6). If the user account that you are looking for is not listed, Ophcrack not find the account on your computer. If NT pwd blank column for a particular user, it means that the password has not been restored.
8. If cracking Ophcrack password for the user is marked [empty], you now know that you can log into your account without a password at all, assuming that the user account is activated.
9. After Ophcrack delete the account password you mean, write it down, remove the Ophcrack LiveCD disc from your optical drive and restart your computer. You do not need to exit the Ophcrack software, it will not harm your computer to restart while the program is running.