Ophcrack is a free Windows password cracker based on Slitaz linux and using ophcrack with modified 'rainbow tables'. It comes with a Graphical User Interface and runs on multiple platforms. Once you have made the bootable USB flash drive, just boot from it and ophcrack will automatically run and display a nice table of all your Windows users and their passwords (if set and if crackable). Slitaz runs entirely in RAM and does not change any files on your target computer (i.e. non-invasive).
Introduction
There are two versions of ISO file for Ophcrack, one for Vista/Win 7 and one for XP - they are essentially the same but contain different rainbow hash tables. This tutorial describes how to prepare a bootable USB drive using the ISO files of these two Ophcrack Live CDs and combine them. When the linux OS boots, it looks for the rainbow tables (table0.bin, etc.) in the \tables folder on all mounted volumes. For this reason the \tables folder from inside each ISO file must be extracted to the USB drive. This means that over 800Mb of files are in the \tables folder and also in the iso files. For this reason, although it is perfectly possible to boot from the ISO files via grub4dos, this tutorial uses the contents of the ISO files to save space on your USB drive as the /tables folder must be in the root of an accessible drive anyway (but see Tutorial 93 for a way to use just the ISO files).
See how easy it is to crack your own PC - maybe you will start using stronger passwords now
Method
The following instructions assumes you know your way around extracting the contents of ISO files, etc. A bootable USB hard disk will load and run ophcrack faster than a slow USB Flash drive...
- For version 3.4.0 download the 46MB without tables liveCD ISO from here and then download the separate free tables for Vista and XP from the Tables tab on the website and unzip them. Make sure you check that the size of the ISO file is correct after downloading and check the MD5 hash is correct (tip: use RMPrepUSB CTRL.C to check the MD5 value).
IMPORTANT: if the folders and files under \tables will appear as all uppercase (e.g. 3.4.0 has \TABLES\XP_FREE_\TABLE0.BIN, etc.) if you use an iso mount utility like imdisk or clonedrive, you must change them all to lowercase filenames (e.g. table0.bin). This must be done for the \tables folder and ALL files under the \tables folder - otherwise Ophcrack will not find the tables! For this reason I suggest you use 7zip to extract files from an iso OR download the ophcrack-notables-livecd-3.4.0.iso and then download the XP and Vista free tables zip files (see Tables tab on website) - the tables in the zip files have all lowercase names but the files in the full LiveCD ISOs are all uppercase if you mount the iso as a volume and so will not work. Always use 7zip or check that you have lower case filenames. - Using WinImage or 7Zip, extract the contents of the ISO. Unzip the free table zip files to folders on your system hard disk as follows:
C:\ophcrack\ophcrack\boot - copy \boot folder from ISO (only the bzimage and rootfs.gz files are needed)
C:\ophcrack\tables\xp_free_small - copy \tables\xp_free_small from XP free tables zip file
C:\ophcrack\tables\vista_free - copy \tables\vista_free from Vista free tables zip file - Create a file in C:\ophcrack called menu.lst using Notepad (press F4 in RMPrepUSB) with the following contents:
title OphCrack Password Cracker LOWRAM (lowram - slower on Vista/Win7 systems)
find --set-root /ophcrack/boot/bzImage
kernel /ophcrack/boot/bzImage rw root=/dev/null vga=normal kmap=uk ophcrack=lowram screen=1024x768x16 autologin
initrd /ophcrack/boot/rootfs.gz
title OphCrack Password Cracker FAST (for more than 512MB RAM systems)
find --set-root /ophcrack/boot/bzImage
kernel /ophcrack/boot/bzImage rw root=/dev/null vga=normal kmap=uk screen=1024x768x16 autologin
initrd /ophcrack/boot/rootfs.gz
kernel /ophcrack/boot/bzImage rw root=/dev/null vga=normal kmap=uk ophcrack=lowram screen=1024x768x16 autologin
initrd /ophcrack/boot/rootfs.gz
title OphCrack Password Cracker FAST (for more than 512MB RAM systems)
find --set-root /ophcrack/boot/bzImage
kernel /ophcrack/boot/bzImage rw root=/dev/null vga=normal kmap=uk screen=1024x768x16 autologin
initrd /ophcrack/boot/rootfs.gz
- you can change kmap=uk to us or de or whatever (though you should not need a keyboard). The login password is 'root' (if required).
- Run RMPrepUSB and use the following settings on a 1GB or larger USB Flash drive or USB HDD:
1. MAX, 2=OphCrack, 3=MSDOS, 4=FAT32+HDD, 5=C:\ophcrack + tick Copy Files --> then click 6 Prepare Drive
- Click on Install grub4dos and if prompted use No=PBR. Then hit[ Enter] to copy grldr when prompted (note: do NOT click on the Windows shell close icon, you must press Enter or the grldr file will not be copied).
Check you now have a USB drive with this contents:
\ophcrack folder
\tables folder NOTE: This should contain a folder which contains the tables - e.g. \tables\xp_free_small\table0.bin, \tables\vista_free_\table0.bin
\grldr file
\menu.lst file - Click on Eject Drive in RMPrepUSB (or use the SystemTray icon).
Now go try it! If you are cracking an XP system, the Vista free tables are not needed - you can move them to another folder temporarily or stop Ophcrack once it starts and deselect the vista table
EmoticonEmoticon