Hello, aspiring ethical hackers. In our previous blogpost, you learnt about password cracking. In this article, you will learn about a tool that cracks Windows log-in passwords offline. The name of this tool is Ophcrack.
Ophcrack is a free, open-source program that uses rainbow tables to crack Windows log-in passwords. It can import hashes in a variety of formats and can even dump them from SAM files of Windows. It can usually crack any password within minutes. It can be downloaded from here. Ophcrack is also available as a a LiveCD distribution that automatically retrieves, decrypts and cracking of passwords from a Windows system. LiveCD’s are available for Windows XP, Windows Vista and Windows 7.
Let’s see how Ophcrack works. For this tool to work, you need to have physical access to the computer whose password you want to crack. Let’s download Ophcrack-XP- live cd for this tutorial since I am testing this on a WIndows XP target. After downloading, you need to make a USB boot device out of this image. Then you need to boot from this USB device. This is what you will see as soon as Ophcrack boots.
Then, Ophcrack automatically starts loading and cracking hashes of passwords of the user accounts from the target system.
As you can see, Ophcrack cracked the password of user “Administrator”. The password is ‘123456’. All this happens automatically. On the statistics tab, you can see the stats of this tool.
On the preferences tab, you can set the preferences for this tool.
You can even load a single hash, PWDUMP file, session file or encrypted SAM file as shown below.
You have read at the beginning of this article that this tool this uses rainbow tables to crack Windows passwords. In the “Tables” option, you can see all the tables installed. You can also download and install other tables as required.
You can save the file with cracked passwords using “save” option. On the Ophcrack logout option, you can see cracked passwords or you can shutdown or reboot the system.
