Yep, works fine. It's not going to get you into everything, but it's a great way to get into a casually protected computer (Win).

pdok

This program rocks so easy to use, works well was able to get a bunch of passwords using this.

spetz

@Alikia: I've downloaded it before and have never had a problem with it. I'm pretty sure its a false alarm. I tend to trust anything that comes from sourceforge.com.

zach382

As I was downloading it, my antivirus program alerted me of a possible virus/Trojan attached to the program, so halted the download. By the way, the antivirus program was avast! on 'Normal' sensitivity (the lowest sensitivity). Anyone know anything about this?

Alikia

Make sure you have authorization from your company/organization prior to using this kind of tool on company/organization systems.

jtimberman

Is this for local accounts only or can I crack passwords from any windoze machine on the LAN?

jczarni

Was very useful at school...
Until they changed all the passwords and put them on a server somewhere in the depths of the boilerroom. I'm pretty noob at this, but is there any way to find and load those nthashes from the server if i don't know the admin password anymore?

marksman7328

I use a simple password at work that is basically abcABC123 and i increment the 123 when it asks for me to change my pword. It cracked that in under a half hour.

Shai

This will only crack local passwords... I have an older version and it would only handle relatively weak passwords w/o ascii symbols. Cracked systemxp (the admin password at work) in about 15 min.

I don't know if this is a newer version or what.

Shai

Correct me if I am mistaken, but isnt it just Ophcrack the program that has been updated to 3.0?

The site still says the live CD is at 2.0.

tuffkix

I ran the windows version on my computer. It cracked an 8 letter ascii password in about 30 seconds after the tables were loaded into RAM.

syko21

try offline NT password editor. It can delete the passwords completely regardless of length. I was able to crack my test accounts with this ophcrack program, which was neat. Here's a link to that Offline NT password editor, [home.eunet.no]

m-unit

@tuffkix: They aren't keeping the version numbers in sync: ophcrack-livecd 2.0 was released on the same day as OphCrack 3.0

You can see the release history here:
[sourceforge.net]

joelena

meh. There's a CD I have at work that lets you edit, view or even erase windows passwords, all windows OSes from NT to Vista.

Swizzler121

@m-unit: I've had that floppy and disc for going on two years now. Works EVERY time.

Papa Midnight

The website is going crazy slow.

So do we download 2.0? Is it 3.0?

Houseonfire

Does anyone know if version 3.0 will do cached active directory passwords? All this talk about a LiveCD to change passwords is a bit offtopic since we're talking about actually finding the password. For changing the password, just use the old control userpasswords2 trick.

jimforcy

@Houseonfire: If you want the live CD it will be 2.0. If you want the local copy then you install 3.0.

JiveMasterT

There is a 3.0 LiveCD, I have it at work. Didn't automatically start cracking though which kind of frosted me a bit.

jimforcy

Isn't there spose to be a live CD 3.0?

Houseonfire

@Alikia: I remember back in the day that anti virus programs would flag Lophcrack and another tool as dangerous backdoors. Maybe a few still do this, but a quick Google search reveals that a few of the companies list Lophcrack/Ophcrack as a low-risk security-auditing tool.

floatinglist

This disk is so useful when buying second hand computers.

Rich Bradshaw

This is indeed very useful for recovering lost/forgotten passwords. Will this work only on standalone PCs, or can it be run from my PC and used for extracting passwords of other computers on my home LAN?

Neel_Relaxation

For clarity to above above comment, I guess you would require a bootable usb drive, and some type of iso launcher.

Does such a thing exist? I googled...didn't find anything helpful.

sanks

Does anyone know if it's possible to boot the PC from a flash drive, then launch the iso's from there?

sanks

Genius tool, cracks a lot of passwords. I have seen before with the older version that it couldn't crack any passwords that were longer than 13 characters, or ones that had symbols (&, @, #, etc - anything non-alphanumeric). They might have been able to overcome this in the newest version.

@sanks - Yes, you should be able to do the same thing as the CD from a bootable USB drive. The CD is just a small, local copy of Linux with automatic scripts built in to launch Ophcrack. We all know you can get Linux running from a USB drive, so then it's just a matter of getting Ophcrack launched.

Eric S.

If you have a spare USB drive on hand, they have a nice package to make USB bootable Ophcrack.

[www.pendrivelinux.com]

TheFalconer

I'll tell you a funny story.

My mate tells me the week past last that she can't log into windows, tried the Administrator log in and that didnt work so I googled for some help.

I got Ophcrack as a result, downloaded it and tried it, the silly girl didnt have a password but had forgotten what the username was since she'd used automated log on.
I got her laptop sorted and downloaded Firefox and jumped onto Lifehacker - and this post was the first one on the page!! what are the chances!

dougaitken

I had a friend who programmed a live kernel of linux that did this same thing. This was 3 years ago, and it can still do the same today even for Vista...So, this program is entirely too large.

evolutionspot

True whole-disk encryption will defeat this and most similar tools if the tools are run from bootable media (CD/DVD/USB, et. al.)

Alan Thomas

Is there is something inherent in the Windows OS that makes cracking the password reasonably achievable that would not be as easy for files like encrypted zips, etc? Or is this just a brute force crack?

Michael G. Emmons

An old article on how Ophcrack / rainbow tables work:

[www.codinghorror.com]

freddiefenster