Friday, April 9, 2010
Ophcrack: The ultimate Windows password cracker
1. Visit the Ophcrack Website
Ophcrack LiveCD 2.3.1 is a completely self-contained, bootable version of Ophcrack 3.3.1 - the easiest and most effective tool that I've ever found to "crack" your forgotten Windows password.
Ophcrack is a free software program that recovers passwords, so the first step you'll need to take is to visit Ophcrack's website. When the Ophcrack website loads as shown above, click the Download ophcrack LiveCD button.
2. Choose the Correct Ophcrack LiveCD Version
After clicking the Download ophcrack LiveCD button in the previous step, the webpage above should display.
Click the button corresponding to the operating system of the computer you'll be recovering the password on. The operating system of the computer you're using right now doesn't matter.
For example, if you've forgotten the password on a Windows 7 or Windows Vista computer, click on ophcrack Vista LiveCD. If you've forgotten the password on a Windows XP computer, click on ophcrack XP LiveCD.
3. Download the Ophcrack LiveCD ISO File
Ophcrack LiveCD should begin downloading automatically. The download is in the form of a single ISO file.
If prompted, choose to Download File or Save to Disk - however your browser phrases it. Save the file to your Desktop or another location that's easy to locate. Do not choose to Open the File.
The size of the Ophcrack LiveCD software you're downloading is fairly large. The Windows 7 / Windows Vista version is 496MB and the Windows XP version is 415MB.
4. Burn the Ophcrack LiveCD ISO File to a CD
After downloading the Ophcrack LiveCD software, you'll need to burn the ISO file to a CD.
Note: If the ISO file is not burned correctly, Ophcrack LiveCD will not work at all.
After burning the Ophcrack LiveCD ISO file to a CD, go to the computer that you can't get into and continue to the next step.
5. Restart With the Ophcrack LiveCD Disc In Your CD/DVD Drive
The Ophcrack LiveCD disc you just burned is a "bootable" CD, meaning it contains a small operating system and software and can be run independently of the operating system on your hard drive. This is exactly what we need in this situation because you can't access the operating system on your hard drive right now (Windows 7, Vista, or XP) due to not knowing the password.
Insert the Ophcrack Live CD disc into your CD/DVD/BD drive and restart your computer.
The initial screen you see after restarting should be the same one you always see immediately after starting your computer. There may be computer information like in this screenshot or there may be a computer manufacturer logo.
Ophcrack LiveCD begins immediately after this point in the boot process, as shown in the next step.
6. Boot to the Ophcrack LiveCD Disc
After the initial startup of your computer is complete, as shown in the previous step, the Ophcrack LiveCD menu should display.
You don't need to do anything here. Ophcrack LiveCD will continue automatically after the Automatic boot in x seconds... timer at the bottom of the screen expires. If you'd like to advance the process a little faster, feel free to hit Enter while Ophcrack Graphic mode - automatic is highlighted.
Don't See This Screen? If Windows started, you see an error message, or you see a blank screen, then something went wrong. If you see anything other than the menu screen shown above then Ophcrack LiveCD did not start correctly and will not recover your password.
Are You Booting to the CD Correctly? The most likely reason that Ophcrack LiveCD might not be working properly is that your computer is not configured to boot from the CD you burned. Don't worry, it's an easy fix.
Just go to your BIOS screen and set the CD-ROM as your first boot device.
7. Wait for Ophcrack LiveCD to Load
The next screen consists of several lines of text that quickly run down the screen. You don't need to do anything here.
These lines of text detail the many individual tasks that SliTaz (a Linux operating system) performs in preparation for loading the Ophcrack LiveCD software program, which will recover the passwords encrypted on your hard drive.
8. Watch for Hard Drive Partition Information to Display
The next step in the Ophcrack LiveCD boot process is this little window that appears on screen. It may appear and disappear very quickly so you could miss it, but I wanted to point it out because it will be a window that runs in the background that you may see.
This message is simply confirming that a partition with encrypted password information on it has been found on your hard drive. This is good news!
9. Wait for Ophcrack LiveCD to Recover Your Password
The next screen is the Ophcrack LiveCD software itself. Ophcrack will attempt to recover the passwords for all of the user accounts that it can find on your computer. This password cracking process is completely automated.
The important things to look for here are the accounts listed in the User column and the passwords listed in the NT Pwd column. If the user account you're looking for isn't listed, Ophcrack didn't find that user on your computer. If the NT Pwd field is blank for a particular user, the password has not been recovered yet.
As you can see in the example above, the passwords for the Administrator and Guest accounts are listed as empty. If you were cracking a password for a user that Ophcrack shows as empty, you now know that you can log on to the account without a password at all, assuming that the user account is enabled.
Look toward the bottom of the user list - see the Tim user account? In under one minute, Ophcrack recovered the password to this account - applesauce. You can ignore any other accounts you're not interested in recovering the passwords for.
After Ophcrack recovers your password, write it down, remove the Ophcrack LiveCD disc from your optical drive and restart your computer. You don't need to exit the Ophcrack software - it won't harm your computer to power it off or restart it while it's running.
In the next step, you'll finally get to log on to Windows with your new password!
Note: If you do not remove the Ophcrack LiveCD disc before you restart, your computer will likely boot from the Ophcrack disc instead of your hard drive.
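An added example, not part of the original post or of Ophcrack: an audit of a hash export in pwdump format (user:rid:lmhash:nthash:::), assumed to come from a machine you administer, that flags the accounts step 9 shows as recoverable at once (those with an empty password) and accounts that still store a legacy LM hash. The sample lines and the function names are constructed for illustration.

```python
import re

# Well-known hash values of an empty password
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
HEX32 = re.compile(r"^[0-9a-f]{32}$")

# Constructed sample, not real data. Format: user:rid:lmhash:nthash:::
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Tim:1003:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::
Ann:1004:aad3b435b51404eeaad3b435b51404ee:00112233445566778899aabbccddeeff:::
not a valid line
"""

def _norm(field, empty):
    """Lower-case a hash field; map blank or 'NO PASSWORD***' to the empty hash."""
    f = field.strip().lower()
    if f == "" or f.startswith("no password"):
        return empty
    return f

def audit(text):
    """Return (line_number, user, finding) tuples for risky or unreadable lines."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(":")
        if len(parts) < 4:
            findings.append((n, None, "unparsable line"))
            continue
        user, rid = parts[0], parts[1]
        lm, nt = _norm(parts[2], EMPTY_LM), _norm(parts[3], EMPTY_NT)
        if not (rid.isdigit() and HEX32.match(lm) and HEX32.match(nt)):
            findings.append((n, user or None, "unparsable line"))
        elif nt == EMPTY_NT:
            # Shown by Ophcrack as "empty": no password is needed to log on
            findings.append((n, user, "blank password"))
        elif lm != EMPTY_LM:
            # A real LM hash is stored: the legacy format, far weaker than NT
            findings.append((n, user, "LM hash stored"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The export does not record whether an account is enabled, so confirm that separately for any account flagged with a blank password.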
10. Log On to Windows With the Ophcrack LiveCD Recovered Password