Ophcrack is a powerful tool that can help you recover your lost Windows passwords. This software is totally free, but it isn’t easy to use. It takes technical knowledge that not every user is equipped with. Read on for the practical steps you need to use ophcrack to retrieve your passwords.
There are two methods for using ophcrack: 1) using it as a LiveCD and 2) using it as a Windows application. While the application version of ophcrack can handle more complex passwords, it takes additional downloads and extra knowledge to operate. The LiveCD version is simpler, automatically extracting hashes from your computer and using its own built-in rainbow table.
To use this method, you will need access to a separate computer (that isn’t locked) on which to download ophcrack. You will also need a physical USB drive (with at least 1 GB of storage) or a CD that can be inserted into both the working and the locked computer.
On your working computer, visit the ophcrack website at https://ophcrack.sourceforge.io/. Click the large “Download ophcrack LiveCD” button at the bottom right of the page. This will lead you to several download options. If you’re recovering the password from a Windows XP or earlier system, download the “ophcrack XP LiveCD.” If you’re recovering the password for any other Windows operating system, download the “ophcrack 7/Vista LiveCD.” These should be in the form of a single ISO file.
There are a variety of free programs that will write ISO files like the ophcrack image onto a USB drive. Rufus is a popular tool for this task, available at https://rufus.ie/en/. After downloading and launching Rufus, you can follow the instructions on its website to make this simple transfer.
Burning an ISO file onto a CD is a lot simpler. You insert the CD into your computer, right-click the ophcrack ISO in your downloads, and then select “Burn disc image.” Of course, this only works if your computer has a disc drive.
Now that your USB or CD contains ophcrack and is considered “bootable,” you just need to insert it into your locked computer. Once it is inserted, power on your computer, and wait for the ophcrack menu to appear automatically.
If the ophcrack menu doesn’t appear automatically, you may have to change the boot order in your UEFI settings. Thankfully, you can change this setting without logging in, but the exact process varies by the model of your computer. In the settings, make sure your USB drive or CD is first in the boot order.
Once ophcrack boots up on your locked computer, a menu should appear that asks which account's password it should recover. After you select your account, the rest of the process is automatic. Depending on the password's complexity, ophcrack will take minutes to recover and display it.
While it might be simpler to burn ophcrack onto a USB or CD, that method has some limitations. The rainbow table that is built into the ophcrack LiveCD version will not be able to handle the most complicated passwords. The Windows application version is better suited to more complex passwords.
Unlike the LiveCD method, you won’t need a physical USB or CD, or even a second computer. You will, however, need access to a separate admin account on the computer you’re getting a password from. If there isn’t a separate admin account you can work from, this method isn’t possible.
While the ophcrack LiveCD automatically retrieves password hashes from your computer, the application method requires you to extract them with a separate tool such as mimikatz or pwdump. Hashes are strings of characters that Windows stores in its Security Account Manager (SAM) to keep track of passwords. Downloading one of these free hash-extracting programs will give you these hashes as a text file.
This method also requires you to manually download a rainbow table from the ophcrack website. Rainbow tables are like precomputed dictionaries of password possibilities that ophcrack uses to look up the password behind a hash. The rainbow table you need to download will vary by your computer and the complexity of your password, but a wide variety are available for free on the “Tables” page of the ophcrack website.
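To make the coverage limit of a rainbow table concrete, here is an added example (not from the original article or the ophcrack project): a toy table over a constructed keyspace of 4-digit PINs, with SHA-256 as a stand-in hash and hypothetical function names. It shows that a table only recovers passwords inside the keyspace it was built for, and that a salted hash defeats it.

```python
import hashlib

# Assumed toy parameters (constructed): 4-digit PINs, chains of 50 links.
LENGTH, CHAIN_LEN = 4, 50
KEYSPACE = 10 ** LENGTH

def h(pw, salt=b""):
    """Stand-in fast hash (SHA-256); unsalted unless a salt is given."""
    return hashlib.sha256(salt + pw.encode()).digest()

def reduce(digest, pos):
    """Map a digest back to a PIN; the mapping differs per chain position."""
    n = (int.from_bytes(digest[:8], "big") + pos) % KEYSPACE
    return f"{n:0{LENGTH}d}"

def chain(start):
    """Return p_0..p_t where p_{i+1} = reduce(h(p_i), i)."""
    pts = [start]
    for pos in range(CHAIN_LEN):
        pts.append(reduce(h(pts[-1]), pos))
    return pts

def build_table():
    """Keep only endpoint -> start points; chain interiors are recomputed
    on demand. Start points are added until every PIN is covered."""
    table, covered = {}, set()
    for n in range(KEYSPACE):
        start = f"{n:0{LENGTH}d}"
        if start not in covered:
            pts = chain(start)
            covered.update(pts[:-1])
            table.setdefault(pts[-1], []).append(start)
    return table

def lookup(table, target):
    """Return the PIN whose unsalted hash equals target, else None."""
    for pos in range(CHAIN_LEN - 1, -1, -1):
        pw = reduce(target, pos)            # guess: target sits at `pos`
        for j in range(pos + 1, CHAIN_LEN):
            pw = reduce(h(pw), j)           # walk on to the endpoint
        for start in table.get(pw, []):     # endpoint known: replay chain
            for cand in chain(start)[:-1]:
                if h(cand) == target:
                    return cand
    return None

TABLE = build_table()

if __name__ == "__main__":
    print(lookup(TABLE, h("4821")))                    # inside the keyspace
    print(lookup(TABLE, h("correct horse")))           # outside: None
    print(lookup(TABLE, h("4821", salt=b"\x8e\x11")))  # salted: None
```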
Now that you have your hashes and rainbow tables set up, the final thing you need to download is the actual ophcrack application. Once again, this is available for free at https://ophcrack.sourceforge.io/. You just click the “Download ophcrack” button at the bottom left of their home page, and then install the version called “Windows (portable).”
Launching ophcrack from your computer’s admin account reveals a menu where you can load your other resources. The “Load” button opens your files and allows you to select the password hashes generated by pwdump or a similar tool. The “Tables” button allows you to select the type of rainbow table you downloaded from the ophcrack website and then the location of your rainbow table file.
With all of your resources loaded into ophcrack, you can finally click “Crack.” This process can take a long time, depending on the size of your rainbow table. But if the process is successful, your lost Windows password will be displayed.
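For the password-strength side of this workflow, the extracted hash file can also be audited without cracking anything. The following is an added example, not from the original article or from ophcrack: it assumes the common pwdump line layout `user:RID:LM hash:NT hash:::`, runs on a constructed sample, and uses hypothetical function names.

```python
from collections import defaultdict

EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of an empty password
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of an empty password

# Constructed sample (not real accounts or real password hashes).
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1001:fedcba9876543210fedcba9876543210:0123456789abcdef0123456789abcdef:::
bob:1002:aad3b435b51404eeaad3b435b51404ee:89abcdef0123456789abcdef01234567:::
not a pwdump line
"""

def is_hash(field):
    """True for a 32-character lowercase hex string."""
    return len(field) == 32 and all(c in "0123456789abcdef" for c in field)

def parse(text):
    """Yield (user, lm, nt) for well-formed lines; skip everything else."""
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 4 and parts[1].isdigit() and is_hash(parts[3].lower()):
            yield parts[0], parts[2].lower(), parts[3].lower()

def audit(text):
    """Flag blank passwords, stored LM hashes and reused passwords."""
    findings = {"blank_password": [], "lm_hash_stored": [], "shared_password": []}
    by_nt = defaultdict(list)
    for user, lm, nt in parse(text):
        if nt == EMPTY_NT:
            findings["blank_password"].append(user)
            continue
        # A real LM hash is the weakest format the tables target.
        if is_hash(lm) and lm != EMPTY_LM:
            findings["lm_hash_stored"].append(user)
        by_nt[nt].append(user)
    # NT hashes are unsalted, so equal hashes mean equal passwords.
    findings["shared_password"] = [sorted(u) for u in by_nt.values() if len(u) > 1]
    return findings

if __name__ == "__main__":
    for issue, users in audit(SAMPLE).items():
        print(issue, users)
```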
Ophcrack is a powerful resource, and it’s important that you use it for strictly ethical purposes. Hacking a protected computer is a crime punishable by federal law. There are plenty of legitimate uses for this software, like recovering your own lost passwords or testing the strength of your passwords against password-cracking programs. Whichever ophcrack method you use, make sure that you are cracking passwords responsibly.