Government Security
Network Security Resources

Ophcrack Livecd


13 replies to this topic

#1 Guest_Dennis_*

Guest_Dennis_*
  • Guests

Posted 12 January 2007 - 05:50 PM


Ophcrack LiveCD
Review Author: Dennis
Website: http://ophcrack.sourceforge.net
Version: 1.1.3
Size: 362.2 MB

I accidentally came across this one on my random internet quests. It's a program that tries to crack Windows passwords using rainbow tables. Here are some of the features listed by the author:
  • Runs on Windows, Linux and Mac OS X (intel).
  • Cracks LM and NTLM hashes.
  • Free tables available for alphanumeric LM hashes.
  • Loads hashes from local SAM, remote SAM.
  • Loads hashes from encrypted SAM recovered from a Windows partition.
The difference with other programs out there is that they have a Slax based LiveCD that comes preloaded with rainbow tables for alphanumerical passwords. Since the image fits on a CD and is only 362.2 MB in size I thought "WTF? rainbow tables are muuuch bigger, this must be a joke". The rainbow tables support up to 14 chars, which should be enough for most ppl.

So I downloaded the image, burned it and let it boot. The boot time was quick, even on my 2Ghz machine; took approx 1 minute to load the full slax OS with fluxbox as window manager.
When that is done, ophcrack starts automatically and immediately starts preloading the tables (4 of them on the disk). This does take a long time; I clocked it at 8 mins to fully load the tables. After that it starts cracking the passwords without any user intervention. I clocked times to see how long it takes to crack some passes. These times include the loading of the rainbow tables:
  • blelele: 501.34 seconds
  • omg1337: 524.26 seconds
  • severanceisg4y: 609.11 seconds
  • governmentsec: 506.79 seconds
Verdict:
It's a good LiveCD that can crack Windows passwords within a reasonable time. The loading of the tables takes a long time, while the cracking of the passwords themselves usually takes seconds. One may think that the tables are too small, but I think you can easily modify the ISO, put bigger tables in it and burn a DVD instead of a CD. It does the job quite well, no user intervention needed, but it doesn't cut the mission-impossible-hanging-down-from-the-ceiling-cracking-passwords-fast for me. If I really want to get fast into a system I'd rather go with Offline NT Password & Registry Editor or equivalent. But it is a very nice (n00b friendly) LiveCD if you have the time for it :)

Update:
One of the developers mailed me.
You wrote: "only 362.2 MB in size i thought "WTF? rainbow tables are muuuch bigger, this must be a joke"

The truth is, most people use rainbowcrack, and that is a very lazy
implementation of rainbow tables.

Ophcrack uses tables that are 10 to 30 times smaller, because we use all
known optimizations (we should know them, since we invented rainbow tables).

#2 CloudyOne

CloudyOne

    Private First Class

  • Members
  • 82 posts

Posted 05 February 2007 - 10:32 PM

Nice find.

To be quite honest this is a great time saver. Most of the time when I have someone who "forgot their password", they don't just want me to get around it, they want to know the actual password, so instead of manually going and loading software to crack it, or nannying it, this is quite nice to just boot from CD and let it go :)

Thanks :D

#3 ArchAngel

ArchAngel

    Private First Class

  • Members
  • 55 posts

Posted 06 February 2007 - 08:57 AM

This is by far the simplest method I have seen. I have tried all different types of methods, (all include the use of rainbow tables) and this is BY FAR the best I have seen to date. Was wondering when they were going to come out with something like this. (Anyone interested in the other methods can look at my previous posts.)

#4 w00zy

w00zy

    Sergeant

  • Members
  • 246 posts

Posted 06 February 2007 - 09:31 AM

Indeed, a very neat tool. Known it for quite a long time, but I never had the time to test it. Biggest advantage - in my opinion - is the possibility to "sneak" into a system, because you don't have to change the pwd, like with all the other pwd-breaker-tools!

(Un)fortunately there won't be such a tool for vista in the near future, as Microsoft's new OS uses more secure hashes (at least I think/hope so) ;)
I can't uninstall it, there seems to be some kind of "Uninstall Shield".

#5 ArchAngel

ArchAngel

    Private First Class

  • Members
  • 55 posts

Posted 06 February 2007 - 10:21 AM

Indeed, a very neat tool. Known it for quite a long time, but I never had the time to test it. Biggest advantage - in my opinion - is the possibility to "sneak" into a system, because you don't have to change the pwd, like with all the other pwd-breaker-tools!

(Un)fortunately there won't be such a tool for vista in the near future, as Microsoft's new OS uses more secure hashes (at least I think/hope so) ;)


That's what they said about NTLM :D just give it a couple months and someone will crack it and it will be found on the Ophcrack CD :P

#6 Carmen

Carmen

    Private

  • Members
  • 11 posts

Posted 09 February 2007 - 05:38 AM

Indeed, a very neat tool. Known it for quite a long time, but I never had the time to test it. Biggest advantage - in my opinion - is the possibility to "sneak" into a system, because you don't have to change the pwd, like with all the other pwd-breaker-tools!

(Un)fortunately there won't be such a tool for vista in the near future, as Microsoft's new OS uses more secure hashes (at least I think/hope so) ;)


Ophcrack uses optimised rainbow tables to crack the LM hashes used on Windows systems that have passwords less than 14 characters in length. It'll break alphanumeric passwords quite quickly. NTLM is much more secure as it doesn't split the password into two 7 character passwords as LM does. Also LM converts all lower case characters to upper, halving the keyspace for attacks; NTLM does not do this. This makes NTLM much harder to break (if the password is of sufficient length of course). LM is disabled by default on Vista.

Still, with ever increasing CPU speed and cheaper, larger storage, how long will it be before viable rainbow tables are available to break these passwords as well?

An early ophcrack example of NTLM breaking is already available here

http://www.objectif-...en/products.php
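
The LM properties described in the post above (two independent 7-character halves, no lower case), as an added example that is not part of the thread: a Python audit of a pwdump-style export that flags accounts still storing an LM hash, plus the alphanumeric search-space comparison. Account names and hash values are constructed; only the empty-LM constant is a real value.

```python
# Added example: audit a pwdump-style export for stored LM hashes.
# Account names and hashes are constructed sample data.
import string

EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of an empty password
EMPTY_LM_HALF = EMPTY_LM[:16]                   # an unused 7-character half

# Constructed sample, pwdump layout: user:rid:LM:NT:::
SAMPLE = """\
alice:1001:0123456789abcdef0fedcba987654321:00112233445566778899aabbccddeeff:::
bob:1002:89abcdef01234567aad3b435b51404ee:ffeeddccbbaa99887766554433221100:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:a1b2c3d4e5f60718293a4b5c6d7e8f90:::
dave:1004:NO PASSWORD*********************:0f1e2d3c4b5a69788796a5b4c3d2e1f0:::
"""

def audit(dump):
    """Return {user: finding} for each account line in the export."""
    findings = {}
    for line in dump.splitlines():
        parts = line.split(":")
        if len(parts) < 4:
            continue  # skip malformed lines
        user, lm = parts[0], parts[2].lower()
        is_hex = len(lm) == 32 and all(c in string.hexdigits for c in lm)
        if not is_hex or lm == EMPTY_LM:
            # Non-hex placeholder or the empty constant: nothing to attack via LM
            findings[user] = "no LM hash stored"
        elif lm[16:] == EMPTY_LM_HALF:
            # Second half hashed an empty string, so the password fits in one half
            findings[user] = "LM hash stored, password is 7 characters or fewer"
        else:
            findings[user] = "LM hash stored, 8 to 14 characters"
    return findings

def search_space(charset_size, length):
    """Number of candidate passwords of exactly `length` characters."""
    return charset_size ** length

# Alphanumeric case only. LM: upper case + digits (36 symbols), and each
# 7-character half is attacked on its own. NTLM: mixed case + digits
# (62 symbols), all 14 characters searched together.
LM_SPACE = 2 * search_space(36, 7)
NTLM_SPACE = search_space(62, 14)

if __name__ == "__main__":
    for user, finding in audit(SAMPLE).items():
        print(f"{user}: {finding}")
    print(f"LM candidates:   {LM_SPACE:,}")
    print(f"NTLM candidates: {NTLM_SPACE:,}")
```

Accounts flagged as storing an LM hash are the ones to fix by enabling the Windows policy "Network security: Do not store LAN Manager hash value on next password change" and then changing the password.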



#7 trellos

trellos

    Private

  • Members
  • 3 posts

Posted 21 March 2007 - 07:56 AM

This does seem like a very promising tool, definitely worth looking into! Not as quick as booting from a Linux boot disk or Hiren's boot disk and resetting the password, but still much simpler than gaining administrative access on the PC, installing pwdump to acquire the NTLM hashes and transferring them to another computer to decrypt using rainbow crack tables! :)

#8 oHawko

oHawko

    Private First Class

  • Members
  • 54 posts

Posted 21 March 2007 - 10:43 AM

Yep, a handy tool so to speak. It can save some time if you don't have enough left ...

oHawko
..:: Nuclear Winter Crew ::..
[www.nuclearwintercrew.com]
..:: Infexion Security Group Leader ::..

#9 Tingeling87

Tingeling87

    Private

  • Members
  • 1 posts

Posted 17 April 2007 - 01:01 AM

It really is good yes :) Got some valuable pws from them...

#10 RudeYute

RudeYute

    Private

  • Members
  • 5 posts

Posted 04 July 2007 - 03:13 PM

Tried this last night, and had no luck with the one machine I tried it on.... will try it on one which I know the password for tomorrow maybe.

Currently in the middle of downloading the ~35GB set from schmoo to try on this machine... hope that works.

#11 domzi123

domzi123

    Private

  • Members
  • 1 posts

Posted 21 April 2009 - 08:19 AM

Hi, I tried to run an ophcrack live CD on Vista Ultimate but there was an operation that failed. It said that it couldn't set up the time or I don't know what, so can anyone help me???????????? :blink: :blink: :blink: :blink: :blink:

EDIT - KV: Don't dredge up old posts.

1. You did not list a version you are running.
2. We are left to assume you are running the version from 2007! Current Version is ophcrack - 3.2.1
3. Suggest you check out the rules..


#12 3lit3H4x0r

3lit3H4x0r

    Private

  • Members
  • 11 posts

Posted 21 April 2009 - 02:49 PM

It would be more helpful if you could more accurately describe the error you receive.

Due to the lack of LM hashes, Vista passwords stored in the SAM file are harder to crack. However, the NTLM hash is the same as always and can be cracked if the password is weak.

I have some video tutorials if you would like.
This is our world now. The world of the electron and the switch; the beauty of the baud. We exist without nationality, skin color, or religious bias. You wage wars, murder, cheat, lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. I am a hacker, and this is my manifesto." Huh? Right? Manifesto? "You may stop me, but you can't stop us all."


#13 illwill

illwill

    Specialist

  • Sergeant Major
  • 570 posts

Posted 21 April 2009 - 03:50 PM

hi i tried to run a ophcrack live cd on vista ultimate but there was an operation that failed it sed that it couldn't setup the time or i don't no what, so can anyone help me???????????? :blink: :blink: :blink: :blink: :blink:



nice way to start off your first post by opening an old thread, the least you could have done was post an accurate error or screenshot <_<

#14 walidzak

walidzak

    Private

  • Members
  • 4 posts

Posted 25 April 2009 - 02:21 AM

The difference with other programs out there is that they have a Slax based LiveCD that comes preloaded with rainbow tables for alphanumerical passwords. Since the image fits on a cd and is only 362.2 MB in size i thought "WTF? rainbow tables are muuuch bigger, this must be a joke". The rainbowtables support upto 14 chars, which should be enough for most ppl.
Hello everybody



