Hacking Windows Password - SAM file cracking with Ophcrack

Hi folks. It happens to many people: you forget your Windows account password and have trouble logging in, or you simply want to know the password of your school's or a friend's PC.
Well then, I think it's time again to crack the hashes the easy way. Yes, I know there are ways to reset the password, like RESET WINDOWS PASSWORD, but here I'm talking about viewing the password. There is a cool bootable CD called Ophcrack that lets you crack the hashes using rainbow tables and comes with a simple GUI.
It's a small Linux distribution with tons of features, but it is most popular for its easy and fast hash cracking. I'll cover Ophcrack's features in detail in a future article.

Basic: Windows stores account passwords as NTLM hashes in the SAM file. We simply need to target this file to retrieve the password.

Tools Required:
  • Ophcrack Live CD. Download from here
  • Time and Patience
Let's get started.

Insert the Ophcrack Live CD and boot your PC. Make sure that booting from CD is the first option in the boot menu in the BIOS.
You'll get the startup menu.
Here, choose Ophcrack Graphic mode - automatic.
After a few loading screens, you'll land on the Linux desktop. There, click on menu > Run.
In the pop-up box, type ophcrack and click OK.
Now you can see the ophcrack application window. Here, click on Load > Encrypted SAM.
After that we need to give the path to the SAM directory, which is by default /mnt/hda1/WINDOWS/System32, and click Choose.
Here we can now see the saved hashes with the username and user ID.
Now click on the Crack button and wait for the password. It's quick and easy.
That's it. It'll show the password now. Have fun with the cracked password.

Note: Ophcrack is a live Linux CD. It may not work on all versions of Windows 7, but it works fine with Windows XP/Vista.

Keep Cracking. Keep Rocking :)
