Ophcrack – A Password Hack Tool to Crack Almost Any Windows Password

Ads by Google

There are a lot of different reasons why one would want to use any number of password hack tools to hack a Windows password. Of course, there are the good-hearted reasons, like helping your grandpa because he forgot his password and is locked out of his own computer. Then, there are the more dubious reasons, like spying on your accountant.

In the past, MakeUseOf has published other password-cracking related articles. Those who are interest should check out T.J. Miniday’s 3 Ways to Reset Forgotten Windows Administrator Password.

However, there might be circumstances in which you’d need unnoticed access – being able to use the terminal without literally changing the password.

Ophcrack

That’s where Ophcrack comes in. Ophcrack is one of the more effective password hack tools that runs via Windows, Mac and Linux installations or on a Live CD, and it can be used to crack almost any Windows password.

To manage this, Ophcrack uses rainbow tables to guess the password. When a working one is encountered, it is presented to you, and you can simply log in with it. One would think this “guessing” takes a lot of time, but that’s just where the power of rainbow tables lies.

ophcrack2

Rainbow Tables in a Nutshell

Operation systems don’t store the user passwords in plain text — that’d be highly insecure, and even right out stupid. Instead, they calculate the hashes of the passwords by putting the passwords through a one-way hash function and store those. When one would obtain these hashes, they would still be rather useless; the password needs to be entered, after which the hash needs to be calculated and compared to the stored password hash.

e.g. ‘makeuseof.com’ would become ‘9fb883363640e11970be10a5936a37fc:b35f6f8268073d2242e0cd8b72554d8a’ when converted to Windows XP’s LM hash.

A rainbow table is basically an enormous list of passwords — basically every password a brute force attack would try — with their respective hashes included. Although this table takes a lot of time to generate, it can reduce the cracking of passwords to minutes, or even seconds.

Ads by Google

Downloadable Tables

Ophcrack supplies a few of these rainbow tables, free, for your use. They’re included in the Live CD, can automatically be retrieved from the Windows executable, or downloaded from the Ophcrack website. We’ll quickly look over the available tables, and their possibilities.

For Windows XP, Ophcrack supplies two alphanumeric tables. With these, you can crack 99.99% of all passwords under 14 characters, consisting of a combination between letters and numbers — abcdefghijklmnopqrstuvwxyz0123456789. Because the LM hash used by Windows XP is insensitive to capitalization, these hash tables contain 80 billion different hashes, corresponding with 12 septillion possible passwords.

tables_xp

You can choose between the XP free small and the XP free fast tables. These can both be used to crack the same passwords, but because the XP free fast table is twice as large, you can crack them in half the time.

The downside of both tables is their unability to crack passwords with special characters — these can only be cracked using the premium XP special tables.

For Windows Vista, which abandoned the weak LM hash, and moved on to the stronger NT hash, there are less possibilities. Currently, Ophcrack only gives away a table with dictionary-words and variations (hybrids) for free. If you’re willing to cough up a lot of money (about 99$), they also provide alphanumerical tables – including special characters.

tables_vista

Because the NT hash is subjective to capitalization, and allows a much greater password length (whereas the LM hash simply splits large sequences up in multitudes of smaller strings), these premium rainbow tables can range in size from 8GB to over 130GB.

And that’s the essence of it. There’s some more technical information (a real how-to) in the Ophcrack help files (included in the downloads).

If you’re shivering in your boots after reading this article and thinking,”Gosh, everyone’s going to know how to hack my password. What shall I do?” Then it may be a good time to create a stronger password. Stefan wrote about 5 free password generators that will help you make nearly unhackable passwords, no matter what password hack tools a hacker tries to use. It’s a good start.

So, what do you think? Is Ophcrack really the pot of gold at the end of the rainbow, or hardly worth one’s attention? — Let us know your experiences, opinions and questions in the comments section below.

Ads by Google
Comments (31)
  • Chris

    thanx, I have other method to recover windows password now.

  • Chris

    You can reset windows user account password in safe mode(F8 when booting up). But if you forgot administrator password, you must reinstall windows OS or use windows password recovery disk.
    http://www.windowsloginrecovery.com

  • debi

    please can anyone help me get my passwords bk to my msn and hotmail account as my ex-partner as changed them

    • Simon Slangen

      Try the default password recovery (secret question), or otherwise contact Windows Live support. They’re best equipped to help you with this.

  • Fiona

    Free trail Windows Password Recovery Tool—Windows Password Unlocker is highly recommended
    1.Download Windows Password Unlocker from Password Unlocker Official site
    2.Decompress the Windows password unlocker and note that there is an .ISO image file. Burn the image file onto an blank CD with the burner freely supported by Password Unlocker.
    3.Insert the newly created CD into the locked computer and re-boot it from the CD drive.
    4.After launched the CD, a window pop up with all your account names(if you have several accounts) select one of the accounts that you have forgotten its password to reset it. Just one press, you have removed the password

  • Cena

    Wow well detailed… but can you also provide some info on recovring lost passwords of windows vista??

Load 10 more
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.