OphCrack; forgot your password?
This is going to be a tricky one…. Because this kind of software can be used for some illegal activities…. – but I will just assume you are not going to do this….!!
This post will handle the situation of “the lost password” !
Situation which I had….;
I have been rebuilding the software on a laptop. The laptop was getting a new owner; so it would be nicer if the computer had the new owners name etc……
The old setup of the computer was using an administrator function on the old name…
I went a bit too fast…. I did not give the new owner enough rights – I deleted the older owner….
AND I had a problem; as I did not know the administrator’s password – I was not able to give the new owner enough rights…. OOOOOPS…..!!
Same situation could be; you didn’t give the users of a laptop or computer all rights – they want to install a program…..for which you need the administrator…. but your administrator disappeared (or forgot the password)……
After a search I got to the next program; OphCrack…
What is it doing..??
I took the “LiveCD” version – burned it via ImgBurn on a cd (with one of my other computers – as I didn’t have the right to install ImgBurn yet)……
Put it in the laptop; made it starting up via the cd/dvd player -> this you can do via the Bios….
How to get to the bios..?? Well; you should be able to find that in the instructions which came with your mainboard. Most cases, during the reboot, you need to press OR F1 OR F2 OR Esc.
Sometimes you will even see – during the start up – the key you need to enter to get to your bios.
Change the boot of your computer to cd/dvd….
Restart the computer; and the cd will start working.
Very simple explained; it will make a small installation of Linux and an extra hack program…. with this program you can find your administrator’s (or any other) password….!
It will go through all kind of progresses and it will take a while…. but at the end…. it found the one I was searching for…..!!
Write the password down; restart – go to the bios – change the reboot order…. voíla !
And 20 minutes later – I had the whole laptop the way I wanted !!
What does the homepage say..?
Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
Happy “hacking”
Homepage; Ophcrack
Download; OphCrack LiveCD
Download; OphCrack – program (I did not test this one; should work without rebooting via cd/dvd)
Hi my friend, good day!
I’ve been using ophcrack for about 2 years i think. I’m just wondering, will it be able to crack windows vista passwords?
Alternative use for this tool: find passwords that the tool can’t recover… make the admin password much longer, for starters…
And you were lucky, things would be more complicated if there was a password needed to enter the BIOS to change the bootorder.
Conclusion: a lousy administrator “secured” that laptop… lol
@zplits; the tables do mention vista – so – it should be working.
@Rudy
And why is that an alternative..??
Then you are not really helped !! I am mentioning this one for the people who forgot the password – who lost it. And sometimes you buy one from another person (who is forgetting to mention the administrator password)
btw – the password (which it did find) would probably come from the category “heavy”….
As it was a IT company who did put it in.
Oooh and don’t worry; even if the bios had a password – I would be able to do it…
But that part is going to be too much of “hacking”…
I mean, alternative use for an administrator to test a password, making sure someone is not able to crack it later with this tool…
Without revealing the password itself, can you tell us how long it was and how many different possible characters was used? I’m wondering what you think is a strong password.
9 characters – which where; 7 different letters – 1 number – 1 other character
Which give the result of “strong” on the windows password checker;
http://www.microsoft.com/protect/yourself/password/checker.mspx
Never believe what Microsoft says, especially when it comes to security!
Let’s do some calculations…
Suppose we can pick both lowercase and uppercase characters (a-z and A-Z) for the 7 letters and all 95 printable ASCII characters for that other character. Then the keyspace (number of possible keys) is:
52^7 x 10 x 95 = 976 668 117 401 600
This is a keyspace of less than 50 bits, by all standards very weak!
It’s even less than the keyspace of DES, an old encryption algorithm with a keylength of 56 bits, and completely unsecure.
A keyspace of at least 128 bits should be recommended. If we can choose all 95 printable ASCII characters for all characters in the password, one needs to pick 20 characters at random to produce the password.
I see now that I use the words ‘keylength’ and ‘keyspace’ in a somewhat liberal fashion…
To be more precise, ‘keylenght’ is the lenght of a key, expressed in the number of characters used, or the equivalent in bits used. For example, the keylenght of DES is 56 bits.
‘Key space’ is the number of possible keys, for example, DES has a keyspace of 2^56 = 72 057 594 037 927 936. This is the maximum number of keys you have to try to recover the key, if you only can use a brute force attack (simply trying all possible keys).
Solution; send Microsoft an email… ROFL
Btw for people who want to make their password stronger – so ophcrack isn’t able to get it; ophcrack is working till up to 18 characters – after that you (should) are safe !!
Nah… just don’t trust Microsoft.
If someone is really concerned about security issues, relying on just a Windows password is not enough (there are tools out there that reset the password, so even with a long password you’re not safe).
In that case, use something like TrueCrypt.
wow cool, I didnt know about this. Let me try getting the password to this blog of yours
If you see a funny post here tomo, then you know who did it!
I tested Ophcrack on a Vista laptop and it found the 6 character password within 2 minutes.
@lvs – I didn’t see anything yet – but ya still have a couple of hours.
@pcmemoirs – thanx for checking and sharing !
As you can see in the discussion; you will need a 20 character password to let OphCrack fail.
Can I crack any password with tools r it is only for a few tools that are available
@solomon – I am not sure if I really get your question; but OphCrack is mainly to get your administrator and user passwords.
I recommend a new tool windows password reset 7.0 . It also support windows 7 password reset. And it’s the best tool i ever seen. I’m sure it is helpful for those who locked out of computer.