| Ophcrack Live CD = Easy Windows Password Recovery |
| Monday, 02 April 2007 | |
|
I recently was approached by a friend whose computer had "locked him out." After talking to him I have deduced that it was his sisters, and he somehow managed to return it to a system restore point that restored his sister's old password. He called her and she doesn't remember it, so he is totally locked out of the system. I don't have the option of using a standalone program to get the hash, and while I considered a site that decrypts hashes for you, after you boot from one of their disks, I really wanted something self-contained. I ended up deciding on Ophcrack, specifically their Live CD, for a few reasons: It is self contained, it is Linux (very good!), and it is fast. So I downloaded that puppy.
There are only a few steps to getting your password back, provided it doesn't use any freaky symbols, and isn't really long. 1. After downloading and burning the CD image, insert the CD into the target computer's drive and reboot the computer. The logo screen appears, at which you should hit enter. Text should scroll down the screen, and eventually you will have a graphical interface pop up, with the one and only window (Ophcrack). 2. Once the system is done, select the user account you wish to recover the password for, and click launch. 3. Depending on the speed of your system, the cracker will go to work, and if it can determine and decrypt your passsword, it will eventually display it in the "NTPassword" column. Write it down, click exit, remove the CD, and reboot. Use the password, and change it to something you will remember that is also secure. That's it! You can find a screenshot gallery of this whole process over at Lifehacker. |
