Retrieve any alphanumeric windows logon password quickly
Sometimes even administrators forget the passwords to their accounts, or you have "service accounts" configured which use a certain password. If you are deploying a new machine or a server and need this password but you don't have it, you are still not dead in the water. In this article we show how you can use the free utility called Ophcrack to retrieve Windows passwords. It can crack up to 14 character alphanumeric passwords in under 10 minutes. It is a great tool for computer security professionals who would like to audit security settings or perform penetration testing.
There are various other utilities available on the internet; what's neat about this utility is that it is blazing fast. It does not just use brute force or dictionary type attacks, but makes use of Rainbow Tables to accomplish its task. No installation of any sort is required: you just boot off a CD and run the utility in a full GUI mode.
Some of the other features of this utility as stated on its website are:
* Runs on Windows, Linux/Unix, Mac OS X, ...
* Cracks LM and NTLM hashes.
* Free tables available for Windows XP and Vista.
* Brute-force module for simple passwords.
* Audit mode and CSV export.
* Real-time graphs to analyze the passwords.
* LiveCD available to simplify the cracking.
* Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
* Free and open source software (GPL).
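Rainbow tables are this effective against LM hashes because an LM hash is unsalted and treats a password of up to 14 characters as two independent, upper-cased 7-character halves. The following added example (not from Ophcrack or the original article) audits a pwdump-style export for accounts that still store an LM hash; the sample lines and the names `classify_lm`, `audit` and `exposed` are constructed for illustration.

```python
# Added example: flag accounts in a pwdump-style export that still store an LM hash.
# LM upper-cases the password and hashes each 7-character half separately,
# with no salt, so precomputed tables apply to every machine alike.

EMPTY_LM_HALF = "aad3b435b51404ee"  # LM value of an empty 7-character half

# Constructed sample (user:RID:LM:NT:::). Non-empty hash values are made up.
SAMPLE = """\
Administrator:500:0123456789abcdef0123456789abcdef:11111111111111111111111111111111:::
svc_backup:1001:fedcba9876543210aad3b435b51404ee:22222222222222222222222222222222:::
alice:1002:aad3b435b51404eeaad3b435b51404ee:33333333333333333333333333333333:::
bob:1003:NO PASSWORD*********************:44444444444444444444444444444444:::
"""

def classify_lm(lm_field):
    """Return 'no-lm', 'lm-short' (7 characters or fewer) or 'lm-stored'."""
    lm = lm_field.strip().lower()
    # Some dump tools write a non-hex placeholder when no LM hash exists.
    if len(lm) != 32 or any(c not in "0123456789abcdef" for c in lm):
        return "no-lm"
    first, second = lm[:16], lm[16:]
    if first == EMPTY_LM_HALF and second == EMPTY_LM_HALF:
        return "no-lm"
    if second == EMPTY_LM_HALF:
        return "lm-short"
    return "lm-stored"

def audit(text):
    """Map each account name to its LM classification."""
    findings = {}
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) >= 4:
            findings[parts[0]] = classify_lm(parts[2])
    return findings

def exposed(text):
    """Accounts whose password should be changed after LM storage is disabled."""
    return sorted(u for u, c in audit(text).items() if c != "no-lm")

if __name__ == "__main__":
    for user, verdict in audit(SAMPLE).items():
        print(f"{user:15} {verdict}")
```

Accounts reported as `lm-stored` or `lm-short` keep their LM hash until LM storage is disabled and the password is changed.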
Here is a step by step procedure on how to use this utility:
- Download the Ophcrack LiveCD from http://ophcrack.sourceforge.net/; it is an ISO file of about 452 MB.
- Burn the ISO image to a CD. Please note that you need to burn the ISO image so that it creates a bootable CD; do not burn the ISO image as a data CD. We have a step by step tutorial available on how to do this at http://indiawebsearch.com/content/use-cd-burner-xp-for-all-your-windows-cd-burning-needs
- Now you need to change or check your computer's BIOS boot order settings, such that the first boot device is your CD-ROM, so your machine can boot directly into Ophcrack.
- Let the machine boot with the CD.
- Choose Ophcrack Graphic mode (which is the default setting).
- The program will automatically identify the local usernames on the machine and start to work on obtaining their passwords. It will show you the usernames, the progress bar and the time elapsed.
- Once found, it will display the username, password and time elapsed.
- Hit the X at the top right of the window and press a key when asked to exit the program.
- Finally press Y to shut down the CD and reboot your machine into Windows.
There is a big difference between "clearing" or "resetting" the admin password and "retrieving" it. Ophcrack has both abilities; depending on the complexity and length of the password, it takes a proportionate time to "retrieve" it. Resetting it probably takes less than 2 minutes.
The ISO image version, like I state in the article (LiveCD version), that does not need any installation is only 452 MB and yes, it has a full GUI interface. The Windows installable version is good only if you can log onto the machine; the LiveCD version works every time, without even logging on to Windows. There are a variety of Rainbow tables available, paid and free; you can go all the way to 16 Gigabyte for a download.