[Legion Leak] OphCrack LiveCD WinXp/Vista/7 Automated Password Cracking 07-28-2013, 06:48 PM
#1
This post is leaked from the premium section of "Legion" on the competing hack forum. There will be 5 new leaks a day. There may be some format problems due to UTF8 character encoding.
(07-21-2013, 01:25 AM)SirSloth Wrote:
Hello everyone, I am SirSloth, coming to you with a simple method/tutorial on how to crack a Windows XP/Vista/7 password.
-Contents Per Divider-
Downloading
Burning
BIOS Setup
Booting Process
Software Itself
Next Steps (if needed)
Regards
Downloading
So, we'll start off with going to the official 'ophcrack' Sourceforge page.
Link: http://ophcrack.sourceforge.net/
It will look like this:
You'll want to press the 'Download ophcrack LiveCD' button.
Afterwards, select which copy you want, depending on the Windows version you're cracking.
Example:
Windows 7: Click on ophcrack Vista/7 LiveCD.
Windows Vista: Click on ophcrack Vista/7 LiveCD.
Windows XP: Click on ophcrack XP LiveCD.
The no tables option will not be covered in this tutorial, as that goes more in-depth.
Next, you'll have to wait for the download to finish, and then you will be able to burn the ISO to a blank disk.
Burning
Burning the disk is the next step to getting this show on the road. This can easily be done by right-clicking the .ISO ophcrack download, and selecting the burn option. Select your CD/DVD/Blu-Ray drive that contains the disk, and start burning.
While you're waiting for the burning to complete, it is suggested you undergo a mandatory 'beer break.'
Remember: Always label your disks with a Sharpie, so you can identify them in the future.
BIOS Setup
After the burning is complete, you'll want to test to make sure it was burned properly. You could test this by booting to CD/DVD/Blu-Ray drive on your own system, and attempting to crack it. I was able to personally crack my own password in about 15 minutes, which prompted me to change it to something a little harder to crack.
Now, to boot up into this disk, we will need to gain access to the motherboard's BIOS (Basic Input Output System). Depending on the motherboard, the force-boot/boot order features will be available. Some motherboards do not have the force-boot option, but that is okay, as we will merely need to make sure our boot order calls for the disk drive first. In some motherboard BIOSes, the boot order choice will be on the first page you get into; on others, you may need to look around a bit.
Once you configure the boot order, save, and quit the BIOS. Generally, this will prompt the computer to reset, otherwise you will have to fire it up manually.
Note: If this step fails to boot to the disk, you may have a corrupted burn, in which case you could attempt to burn it to another disk (or the same if you have a rewriteable disk) and try again with lower burn rates/verification.
Note: This tool will not always find the password, and it will struggle with special characters, and mixed-case passwords.
Booting Process
Once you successfully boot to the disk, you will see the LiveCD doing its standard initializing. This initialization is verbose, which means you will be seeing everything it's doing as it is booting up. I quite enjoy looking it over, as verbose booting is nice to look at for me. (results may vary)
Eventually a window will pop-up quickly. This window will display the hard drive partition data. This is good news, as it means that it has found encrypted information it's built to crack.
Software Itself
Eventually, the software will be prepared, and it will pop-up. It will be a sleek interface with many options.
It'll look a little something like this:
Image credits to fsdn.com
This software should begin by itself, as it is a completely automated task.
The software will run through the built-in tables, and check for matching. Some passwords will crack faster, some will crack slower, some won't be cracked.
If your account is not found in the 'User' column, that may be a sign that ophcrack did not find your user, and that you may need to move on to the next step.
Note: When the NT Pwd field is blank, the password has not been cracked.
Note: If NT Pwd shows up as an 'empty' field, that means there is no password required to login to the account. My personal favorites.
Next Steps
What do I do if the cracking process did not recover the password, or it dun goofed?
You can try to use other programs designed to crack an OS password, otherwise you could try using your own tables.
Other tools that may be of use:
Kon-Boot (outdated, no 64-bit support)
John the Ripper (for the more advanced cracker, supports all Windows versions)
PC Login Now (built to delete the Windows password it detects)
Offline NT Password & Registry Editor (erases the password on all Windows versions, most of the time)
Regards
Thank you all for checking out my tutorial, I hope you find it useful, as this took a while to write. I have personally tested a few of these programs, and found luck with them. Ophcrack itself is a very nice tool.
Regards, SirSloth.