69 Comments
- TriZz, on 10/12/2007, -1/+30
1. Download Ophcrack Live CD
2. Burn Ophcrack Live CD
3. Load Ophcrack Live CD
4. Enjoy.
Does this really need an article?
- inactive, on 10/12/2007, -3/+29
I'm in ur Windoez, stealin ur passwrdz
- monkeyrun, on 10/12/2007, -0/+19
NNNnnooo ..... my life support system's cracked
- Maxtrosity, on 10/12/2007, -2/+19
If it only came on a USB drive :(
- ScionX, on 10/12/2007, -0/+13
If you actually let the hacker sit down at your computer, it doesn't matter what security you have on it. You're owned.
- dtd00d, on 10/12/2007, -7/+16
These are the times when I wish my school wasn't run on a mac-based grading system...
- CraigB12, on 10/12/2007, -1/+8
if someone uses $pec!al_ch@r3c+3rs they're smart enough to not let you use ophcrack on their computer.
- bmartin, on 10/12/2007, -0/+6
I'm a CS graduate. During my college years, if you gave me a dollar for every time someone said "*****, I forgot my Windows password, do you know how to recover it?" I'd be pretty damn rich. There's a security hole in the XP CD anyways (that's how I helped them out)... you can simply use that to change any user's password to whatever you want, so long as you have the CD key to use afterwards. With many machines, particularly Dell, it's usually on the side of the machine.
So this definitely has a purpose for those who aren't malevolent.
- grouchyman, on 10/12/2007, -2/+8
This is much easier than looking on the secretary's desk for the current week's password so I can login remotely from home to play some Global Thermonuclear War!
- Phocion55, on 10/12/2007, -0/+4
I appreciate the justification for using caps.
- PleaseJustDie, on 11/09/2007, -1/+5
Cracking passwords is a waste of time, just download the NT Password reset cd, burn the CD, reboot the computer, select Administrator, tell it to clear the password, reboot, username: Administrator, password is blank, log in, change admin password, laugh at friend who can't log in with his admin password anymore.
- inactive, on 10/12/2007, -7/+11
That's right, dtd00d, because ***** just learning the stuff at school.
- Kahnza, on 10/12/2007, -0/+4
I agree. It works great. Saved a few friends from having to reinstall windows because they forgot their password.
- colin7151, on 10/12/2007, -0/+4
Unfortunately it only has the mixed-case alphanumerical character set included on the live CD. So it can't crack passwords that have $pec!al_ch@r3c+3rs_:).
- chicagodj, on 10/12/2007, -3/+6
ophcrack is one of the best password crackers I've seen for xp
- Gryffydd, on 10/12/2007, -0/+3
It's not a waste of time if the user has EFS files. Cracking the password will give you access to those, resetting it will not. Also, there are times when you want to know a password without the owner knowing anything is wrong. They'll definitely notice when they can't log in anymore.
And if you want to crack passwords in Windows Cain is better than Ophcrack in a lot of ways--definitely more functionality.
- lowbot, on 10/12/2007, -0/+3
Yes, it does need an article, namely how to choose a difficult to crack password. I'll write it now: "Use caps, numbers, and some kind of symbol." That CD's rainbow tables are too small to crack anything that isn't lowercase and numbers.
- drmsux, on 10/12/2007, -0/+3
jrbrewin: "...(14 or more character passwords,.." actually, 15+ chars are required to prevent storing of LM hashes in SAM. Also, you could use Vista's BitLocker full volume encryption to prevent the offline attack.
- sputza, on 10/12/2007, -0/+3
I used it last night and it busted right through some of my more difficult passwords. The average user has really easy passwords to guess. I tried it on my parents' computer and it had the passwords figured out within 5 min. Great tool in the hands of the white hat hackers ;)
- MOBOB, on 10/12/2007, -0/+3
took 15 sec to crack my password...damn
- lowbot, on 10/12/2007, -0/+3
Best to try a non-destructive method first. Writing to NTFS and overwriting the hash is dangerous. Reading NTFS is not so dangerous. I'd use your method last.
- inactive, on 10/12/2007, -1/+3
Does anyone know if Vista suffers from the same security flaw?
- kab3wm, on 10/12/2007, -0/+2
No, actually, it hasn't. And no, it's nothing like the "*nix based bootable iso image that allows you to blank passwords". This does not change the password, it SHOWS you what it is. I would say that makes quite a difference if you don't want the person to know what you did.
- DS513, on 10/12/2007, -0/+2
This was on Digg before (a LONG time ago) but I'll digg it again because it's just that good. This program works like magic. It's extremely handy and even somewhat scary to know how insecure your passwords are in Windows.
- istatic, on 10/12/2007, -0/+2
will it crack the passwords if you're on a network
- inactive, on 10/12/2007, -0/+2
Vista passwords are harder to crack, because they use NT hashes by default and not that POS LM. But it's still possible if you have a weak password...
http://www.infoworld.com/article/07/01/05/02OPsecadvise_1.html
- blizzok, on 10/12/2007, -0/+2
subtlety, my friend. when you know a password, nobody can tell. if you have to change it, well...
- Gonarat, on 10/12/2007, -0/+2
@Li0nel1234
You need to go into the BIOS and change the boot order. Look for a message like "press F12 to enter setup" to do this. The required key(s) must be entered before the BIOS finishes and passes control to XP. Once in the BIOS, change the boot order to check the CD drive for a bootable disk before checking the Hard Drive. Save and Reboot the system and you will boot from CD if a bootable CD is in the drive at startup.
- sputza, on 10/12/2007, -0/+2
Entering the BIOS is a different key for different computer manufacturers. Some use the delete key, others use F2, and some F12. When your computer is booting up, before the windows loading screen, the black BIOS screen usually says what key you need to hit to enter "setup". Hope that helped.
- CraigB12, on 10/12/2007, -0/+1
No, but there's a different version that will.... the name escapes me at the moment.
- dewright23, on 10/12/2007, -0/+1
Macs are easy to change passwords on:
http://kb.wisc.edu/helpdesk/page.php?id=3853
http://www.macobserver.com/tip/2003/06/16.1.shtml
And while it is not a bootdisk, you can crack passwords on a Mac too:
http://www.wap.org/journal/crackmacpasswords.html
- unitedstatians, on 10/12/2007, -0/+1
this is unrelated, but how can you partition a HDD from a network?
- BobABoui, on 10/11/2007, -0/+1
Note on the first and 2nd links, if you reset the password, you still won't be able to access the account completely because you can't reset the "Keychain password".
"Resetting an account password does not change the Keychain password. For security reasons, there is no way to reset a forgotten Keychain password and the contents of the keychain cannot be recovered. The Keychain must be deleted so a new one can be created and used."
The 3rd link is only good if you already have an admin account because you'll need that to create the password dump file in step #12. If you go back and reset the account, then the original password is gone so still no access to the "keychain" on that account.
"So how do I crack Mac OS X passwords?
1. Install Developer Tools on your Mac.
...
12. to start your cracking fun, once you are inside the run directory do:
sudo nidump passwd / > mymacs.passwd
This will create a password file for your mac. You’ll have to enter your administrative password."
As far as booting in firewire target mode, personal files are still secure if you can't get root access. If FileVault is enabled (in system prefs http://www.apple.com/macosx/features/filevault/ ), forget about accessing any files.
Compare that to the XP crack where you only need to press f12 and select to boot on the Ophcrack CD.
- bmartin, on 10/12/2007, -0/+1
@adidos
Yep. See http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID=305. Read the whole thing before proceeding.
- ElectroFox, on 11/14/2007, -0/+1
Totally different task, unless you're using a windows box for a router. Is it wireless or wired? Either way, it's not as simple as cracking some password hashes. You have to start by capturing network packets. Use google, if you really want to find out more. There's plenty of info out there. But a fair warning: it's a more complicated and time-consuming task.
- splendid, on 10/12/2007, -1/+2
The LM hash is relatively weak compared to the NT hash, and it is therefore prone to fast brute force attack. Therefore, you may want to prevent Windows from storing an LM hash of your password. This article describes how to do this so that Windows only stores the stronger NT hash of your password.
In other words, Ophcrack becomes useless.
http://support.microsoft.com/kb/299656
- ramsinks.com, on 10/12/2007, -0/+1
works great.
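As an added illustration of the LM hash points made in this thread (the 15+ character threshold and the limited value of mixed case), and not part of any comment or of Ophcrack itself, this Python sketch models what a stored LM hash gives away about a password. The function names, the `no_lm_hash` flag and the class-based alphabet sizes are assumptions made for the example.

```python
import string

LM_MAX_LEN = 14  # 15+ characters: Windows keeps no usable LM hash
HALF_LEN = 7     # LM hashes the two 7-character halves independently
SYMBOLS = string.punctuation + " "  # 32 ASCII symbols plus space

def alphabet_size(text, case_sensitive):
    """Smallest class-based alphabet covering text (ASCII model, an assumption)."""
    size = 0
    if any(c in string.ascii_letters for c in text):
        size += 52 if case_sensitive else 26
    if any(c in string.digits for c in text):
        size += 10
    if any(c in SYMBOLS for c in text):
        size += len(SYMBOLS)
    return size

def exhaust(alphabet, max_len):
    """Number of candidate strings of length 1..max_len over the alphabet."""
    return sum(alphabet ** n for n in range(1, max_len + 1))

def lm_exposure(password, no_lm_hash=False):
    """Report what a stored LM hash would reveal about password.

    no_lm_hash is a hypothetical flag standing in for the setting that
    stops Windows from storing LM hashes.
    """
    if no_lm_hash or len(password) > LM_MAX_LEN:
        return {"lm_stored": False}
    upper = password.upper()  # LM uppercases first, so mixed case adds nothing
    halves = [upper[:HALF_LEN], upper[HALF_LEN:]]
    lm_work = sum(exhaust(alphabet_size(h, False), HALF_LEN) for h in halves if h)
    nt_work = exhaust(alphabet_size(password, True), len(password))
    return {
        "lm_stored": True,
        "halves": halves,
        # An empty second half hashes to a fixed value, revealing length <= 7.
        "short_password_visible": halves[1] == "",
        "lm_work": lm_work,   # guesses to exhaust both halves separately
        "nt_work": nt_work,   # guesses to exhaust the case-sensitive whole
    }

if __name__ == "__main__":
    for pw in ["Summer07", "$pec!al_ch@r", "fifteen chars!!"]:  # constructed samples
        print(repr(pw), lm_exposure(pw))
```
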
- adidos, on 10/12/2007, -0/+1
I've used Peter Nordahl's PW recovery tool for NT/2k but it doesn't seem to always work for XP. Is there a better one?
- colin7151, on 10/12/2007, -0/+1
A. buy the tables: http://for-sec.com/p43.htm --- $499
B. find rainbow_tables-alpha_num_sym32_space.torrent somewhere or http://www.hak5.org/wiki/Community_Rainbow_Tables
- jrbrewin, on 10/12/2007, -0/+1
passwords suck, use passphrases instead. (14 or more character passwords, that l0phcrack, etc, always fail on, because of the way longer passwords are transmitted over the network, and cached locally)
- Navitron, on 10/12/2007, -0/+1
Wow, people just now learned you can do that? I've been doing that since '02 with ERD Commander for when my friends' friends' computers get all virus/malware infected and their systems won't even start up. It's a boot disk that runs a virtual OS over the Windows file system; you can do restores, copy over and back up files from a totally unrecoverable OS, edit registry, change/reset passwords even if it's over 14 chars, etc. Runs its own NIC drivers and has Firefox. I think the company is not in business anymore but it's still readily available on BT.
- Li0nel1234, on 10/12/2007, -1/+2
How do you boot from a CD? I burnt the Ophcrack CD and it works on mine but I tried on a different Windows XP comp and it went straight to the log in screen instead of booting from the disk. What do I do?
- scagusss, on 07/17/2008, -0/+1
I want to get into my daughter's laptop without her knowing or changing the password.
How can I do that? I want to set up parental control without her knowing.
- inactive, on 05/09/2009, -0/+1
So does anyone know how to crack a pass with special characters? I think Cain and Abel will do it, maybe.
- H3LLSL337, on 10/12/2007, -0/+1
I just use ERD Commander. Never had a password I couldn't reset.
- ak2006137, on 02/20/2009, -0/+0
you would need something like back|track 2, 3 (or 4beta), and some knowledge of linux.....i dont recommend hacking ur next door neighbours wireless they will know....if u do it, do it on your own hardware.
- jesterhtk, on 10/12/2007, -0/+0
Hello can someone help me please i am trying this on a laptop with windows 2000 pro it loads up then after all the commands load it goes to black screen and stays there for over an hour am i not doing something i should be thanks for your help
- smartydebater, on 10/12/2007, -1/+1
I think Vista has a better way to store passwords.
- KevGat, on 10/14/2007, -0/+0
Search for an ISO burner in google, then use that to burn it to a CD. If you're using a laptop I suggest using a slower write speed as mine failed the first 3 times that I used it on anything higher than 1X.
- ak2006137, on 02/20/2009, -0/+0
yes of course vista can be hacked.....all u need to do is get the oph cd and buy the tables (cryptographic code) and u can crack pretty much anything.....including mac os x, unix, linux blah blah blah.
boot the cd either it be xp or vista give it some time to crack and it will do the job. if u buy the software 8gb in total u'll need a usb stick to access the tables..:)