Ophcrack, is a open source Windows password cracker or password auditing utility which is an improvement over original Ophcrack 1.0 developed at EPFL. Ophcrack hacks and cracks the Windows password LM and NTLM hashes based on a time-memory trade-off using rainbow tables. Basically, Ophcrack works by using rainbow tables which contains precomputed hashes of possible alphanumeric and character table sets, so that the program can iteratively compare the windows hashes to precomputed bits and compute the hash and its value more quickly in a more effective way than brute-force guessing. Thus, Ophcrack features ability to reveal, recover and crack most of the alphanumeric passwords which contains up to 12 – 16 characters almost immediately, usually within just a few seconds, and at most a few minutes.
Ophcrack comes in the form of Windows installer (currently Ophcrack 3.6.0) and Ophcrack LiveCD (currently Ophcrack LiveCD 3.6.0) which automates the retrieval, decryption, and cracking of passwords from a Windows system. The Ophcrack Live CD contains a live Linux distribution, ophcrack and/or an alphanumeric rainbow table set (SSTIC04-10k / SSTIC04-5k) or others to cracks LM or NT hashes. The CD is bootable and will automatically load Linux, search for Windows partitions and then extract Windows’ SAM to start ophcrack to crack the password hashes it finds. Without installing anything on the PC, LiveCD allows users to not only recover and retrieve their lost or forgotten password, but also to hack and crack the passwords on any Windows machines, although it can be used for testing the strength of passwords.
Ophcrack comes with a GTK+ Graphical User Interface and runs on Windows, Mac OS X on Intel CPU and Linux. Ophrack Windows installer, Linux source package and Ophcrack LiveCD can be downloaded from SourceForge. For Ophcrack LiveCD, note that you must download the correct version for Windows XP or Windows Vista and Windows 7, and you must burn it to a CD in order to use it to boot up the computer.
For Windows installer, Linux source and Ophcrack LiveCD without rainbow tables, you will also need to download Rainbow alphanumeric table sets from http://ophcrack.sourceforge.net/tables.php. It has many free rainbow tables, which supports alphanumerical (uppercase letters, lowercase letters and numbers) and/or special and space characters, German alphabets and other rainbow tables sets available for free, for Windows XP or Windows 7/Vista respectively. Commercial versions with larger data sets are also available for purchase. Note that you need to have sufficient RAM on the physical machine to load the table downloaded. You can opt to download the rainbow tables component automatically and directly from the installer itself.
If you cannot log on to the Windows because you have forgot the password, the LiveCD is the way to go. To use Ophcrack Windows app, just install it and run it. Click on Load and select the appropriate password LM (LAN Manager) hash to use. If you have already dump and save the hash with utility such as pwdump2, then choose “PWDUMP File”. Else you can choose encrypted SAM to allows Ophcrack to dump the hashes from the SAM and SYSTEM files retrieved from a Windows machine while booting on another disk, where there is no need to know a Windows administrator password to get the hashes. Other options been local SAM which dumps the hashes from the Windows machine the program is running on and remote SAM which dumps the hashes of a remote Windows machine, which both require the username and password of an administrator and the later also requires the name of a share.
Next, click on Tables, and select the location or folder that you store the rainbow hash tables downloaded or installed by the installer. The select the tables type you want to use. And finally, click on Launch button to start the cracking process.