Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. Rainbow tables are a newer variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds. Yes, you read that right, in SECONDS. The application automates the cracking process, from dumping the SAM database into the application, to cracking it and displaying the results in an easily readable grid.

How to crack a SAM database using Ophcrack
1- Get the application from SourceForge.
2- Do a full installation of the product. Be sure to select the "Download alphanumeric table from Internet" radio button. This downloads and installs the proper charset tables, which the application will use to crack your SAM database. These tables are distributed freely under the GNU General Public License (GPL) and come in two sizes: SSTIC04-5k is a large one (720MB) for machines having at least 500M of RAM, and SSTIC04-10k is a smaller table set (388MB) for machines having less than 500M of RAM.
3- Start the application and select Load -> Local SAM file or Remote SAM file (Network). Your anti-virus application may give you an alert at this point; it should categorize the alert as something like "Hack Tool". You should now see the list of your users appear in the application.
4- Click "Launch". If you have 200/300 users, this should take a while, but you'll start receiving results in 10-20 seconds, depending on the speed of your computer.


