There are loads of reasons for somebody to want to recover a Windows password, and there are lots of different ways of doing it. My favorite of all of these ways is to use a piece of software called Ophcrack because:
- The free tables are suitable for almost all uses (I've never been unable to recover a password with them),
- There's a success rate of around 99%,
- You can install it on a CD, USB flash drive, or directly onto the operating system,
- If it's installed on removable media, then there is no need to boot Windows, and
- It works on Windows XP, Vista and 7.
I'm going to say now that Ophcrack isn't perfect. Occasionally a password won't be cracked, there will be problems running it (but are easy to fix; I will explain the main one later in this guide), and it won't crack roaming passwords from a client.
Go to Ophcrack's website and click on the "Download Ophcrack LiveCD" link, then select the link for "Ophcrack XP LiveCD" if you're using Windows XP and download it.
Then go to the Tables section of Ophcrack's site and download the "Vista Free" table, and if you want, the "XP Free Fast" table, although this is optional. Any tables that don't have the word "free" in the title are paid tables.
If you want to install Ophcrack to a USB flash drive instead of a CD, then skip this step.
To install Ophcrack on a CD/DVD, you need to mount the .ISO image you downloaded in the previous step onto the disk. On some versions of Windows, when you double-click the downloaded file, the Windows Disk Image Burner will open. Just select the drive you want to burn to and click "Burn".
If your operating system doesn't have a built-in .ISO burner, there are plenty available as freeware on the Internet. Just Google it and look at the reviews to choose the best one.
Now, unless you want to install Ophcrack to a USB drive or hard drive, skip ahead to Step 4.
There are several ways of doing this, but I'm just going to cover the simplest (in my opinion).
The fist step is to download the Universal USB Installer from Pen Drive Linux. After it's downloaded, run it and agree to the license agreement. Because Ophcrack has been update more recently than the installer, you will need to select "Try Unlisted Linux ISO (New Syslinux)" in the first box. Next, browse to your file, select your USB drive letter and click "Create". The wizard should do the rest for you, with the occasional "OK".
To add the Vista tables, you must create a folder called "vista_free" in the Tables folder on your CD, DVD, or USB drive. Then extract the Vista free tables .zip file that you downloaded earlier into this. You can do the same with "XP_free_fast" and the corresponding tables.
To use Ophcrack, you should boot from your CD or USB drive from the BIOS menu. If all goes well, then Ophcrack should open after a short period of time, and you just click "Crack" to crack the password. However, there can be some problems, the most common being a "Tables not found" or "No tables found" error. To solve this, you open the Linux terminal in the applications menu and type the following (each line is a new line and spaces must be included as they are here):
mount /dev/sdb /mnt/usbkey
Hopefully now, Ophcrack should start as intended. Any other problems can normally be solved by Google or you can ask in the comments and I'll do my best to help.
- This software should not be used for malicious purposes.
- There may be laws regarding the use of this software in your area.
Want to help support Null Byte and start making your own money as a white hat hacker? Jump start your White-Hat Hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from Ethical Hacking Professionals.