Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.
- Cracks LM and NTLM Windows hashes
- Free tables available for Windows XP, Vista and 7
- Brute-force module for simple passwords
- Audit mode and CSV export
- Real-time graphs to analyze the passwords
- LiveCD available to simplify the cracking
- Loads hashes from encrypted SAM recovered from a Windows partition
Last livecd 3.6.0 version does not work because it does not have table. livecd version 3.4.0 was very good.
What a monumental waste if time. Download two, 600+ meg programs (ver 3.6.0 and 3.4.0) and have neither contain the tables needed to work. Yes, I know it's free, but a free piece of crap is still a piece of crap. The program may be free but my time isn't. DON'T BOTHER!!!
Boot my Windows VM from Ophcrack ISO file and it failed to detect my hard drive so it's useless for me. Eventually I removed the password with another program PCUnlocker. Additionally, the rainbow tables are too expensive, I think.
regarding some of the previous comments about ophcrack vista 3.6.0 not loading tables, I have same problem, and have a solution. Problem: Boot ophcrack vista 3.6.0 live from CD, then see: "Tables found: /media/sr0/tables/vista_proba_free/table0.bin" then see: "Did not find the requested table(s) ... [same as above]" What happens is that the auto configure program "ophcrack-launcher.sh" that is run automatically or manually, found the table, but passed the full table path to ophcrack, instead of just the directory that the table is in. Here is the solution: Edit that file to fix (you need to know vi, I can't help you on that): vi /usr/bin/ophcrack-launcher.sh Find line at almost the end "Starting ophcrack", and in the next line change -t $table_inline to -t $(dirname $table_inline) then try ophcrack-launcher.sh again. This change will be lost at every reboot. If you can't edit that file, you can always run ophcrack by hand from command line: ophcrack -d / \ -t /media/sr0/tables/vista_proba_free \ -w /media/sda2/Windows/System32/config \ -n 9 \ -o /tmp/ophcrack.txt \ -g The 9 is one plus the number of CPU cores in your system. The sda2 is where the windows hard drive shows on your system. Both will likely need to be changed to suit your setup. Works fine after this. John Refling
Downloaded fine, but had malware TSPY_PWDUMP_CA25037B.TOMC