However, there might be circumstances in which you’d need unnoticed access – being able to use the terminal without literally changing the password.
That’s where Ophcrack comes in. Ophcrack is one of the more effective password hack tools that runs via Windows, Mac and Linux installations or on a Live CD, and it can be used to crack almost any Windows password.
To manage this, Ophcrack uses rainbow tables to guess the password. When a working one is encountered, it is presented to you, and you can simply log in with it. One would think this “guessing” takes a lot of time, but that’s just where the power of rainbow tables lies.
Rainbow Tables in a Nutshell
Operation systems don’t store the user passwords in plain text — that’d be highly insecure, and even right out stupid. Instead, they calculate the hashes of the passwords by putting the passwords through a one-way hash function and store those. When one would obtain these hashes, they would still be rather useless; the password needs to be entered, after which the hash needs to be calculated and compared to the stored password hash.
e.g. ‘makeuseof.com’ would become ‘9fb883363640e11970be10a5936a37fc:b35f6f8268073d2242e0cd8b72554d8a’ when converted to Windows XP’s LM hash.
A rainbow table is basically an enormous list of passwords — basically every password a brute force attack would try — with their respective hashes included. Although this table takes a lot of time to generate, it can reduce the cracking of passwords to minutes, or even seconds.
Ophcrack supplies a few of these rainbow tables, free, for your use. They’re included in the Live CD, can automatically be retrieved from the Windows executable, or downloaded from the Ophcrack website. We’ll quickly look over the available tables, and their possibilities.
For Windows XP, Ophcrack supplies two alphanumeric tables. With these, you can crack 99.99% of all passwords under 14 characters, consisting of a combination between letters and numbers — abcdefghijklmnopqrstuvwxyz0123456789. Because the LM hash used by Windows XP is insensitive to capitalization, these hash tables contain 80 billion different hashes, corresponding with 12 septillion possible passwords.
You can choose between the XP free small and the XP free fast tables. These can both be used to crack the same passwords, but because the XP free fast table is twice as large, you can crack them in half the time.
The downside of both tables is their unability to crack passwords with special characters — these can only be cracked using the premium XP special tables.
For Windows Vista, which abandoned the weak LM hash, and moved on to the stronger NT hash, there are less possibilities. Currently, Ophcrack only gives away a table with dictionary-words and variations (hybrids) for free. If you’re willing to cough up a lot of money (about 99$), they also provide alphanumerical tables – including special characters.
Because the NT hash is subjective to capitalization, and allows a much greater password length (whereas the LM hash simply splits large sequences up in multitudes of smaller strings), these premium rainbow tables can range in size from 8GB to over 130GB.
And that’s the essence of it. There’s some more technical information (a real how-to) in the Ophcrack help files (included in the downloads).
If you’re shivering in your boots after reading this article and thinking,”Gosh, everyone’s going to know how to hack my password. What shall I do?” Then it may be a good time to create a stronger password.
So, what do you think? Is Ophcrack really the pot of gold at the end of the rainbow, or hardly worth one’s attention? — Let us know your experiences, opinions and questions in the comments section below.