Ophcrack es una herramienta para crackear las contraseñas de Windows basada en las tablas Rainbow. It is a very efficient implementation of rainbow tables made by the inventors of this method. It comes with a graphical user interface and runs under Windows, Mac OS X and Linux. Break LM and NTLM hashes. Upload hashes from local SAM and remote SAM (SAM is the database of Windows users – Security Accounts Manager). Let's go, is a tool that cracks all Windows passwords in seconds, whether local or remote, from other partitions and it doesn't matter which version of Windows you are running.

Instalando ophcrack en Windows y ejecutándolo en él o una máquina remota – HERE
Hackeando una máquina con la LiveCD de ophcrack – HERE

Instalando ophcrack en Windows y ejecutándolo en él o una máquina remota,

Tenemos esta posibilidad, instalarla en un PC con Windows y reventar las contraseñas locales que no nos sepamos o las remotas de cualquier otro equipo. Lo primero de todo es hacernos con el software gratuito en su web oficial: HTTP://ophcrack.sourceforge.net.

Comenzamos la instalación simple de este software… “Next” to begin installation,

Select the installation path, x default: “C:Archivos de programaophcrack” & “Next”,

Y ahora necesitamos descargar las tablas Rainbow para reventar la SAM, así que seleccionamos las que nos interesen y continuamos, “Next”,

El nombre para el menú Inicio… “Next”,

Comprobamos que todo es OK en el resumen y pulsamos en “Install” To install ophcrack,

… We wait while the Rainbow tables are downloaded…

OK, Installed perfectly, “Finish”,

Now we run it, We open the 'ophcrack' icon,

This is the main screen, Where we will see the hashes of the Microsoft accounts.

Well, Let's attack something, for this, We can get them from a PWDUMP file, Or from an encrypted SAM, Or from a local machine SAM or a remote machine SAM. In this document we will see the users and passwords of a remote machine, so we select: “From remote SAM”,

We enter the IP or hostname of a remote machine, Its admin$ directory and click “OK”,

It shows us the users detected in that machine's SAM database, Now we simply click “Launch” And it will start cracking the passwords,

After a few seconds it will have cracked the passwords of all users it finds!!!

Hackeando una máquina con la LiveCD de ophcrack,

Ophcrack LiveCD is a Linux distribution based on Ubuntu that runs the ophcrack utility on it. We download it from its official website and burn it to a CD, Now we just need to boot the PC we want to target with this CD. We download the distro from: HTTP://ophcrack.sourceforge.net.

We start the target PC with the Ophcrack LiveCD distribution, We select in the grub “Ophcrack LiveCD Graphics mode (Auto Mode)”,

We wait while the computer boots with this CD…

And ophcrack will automatically start, It will show us the users of the PC in question and start cracking the passwords…

After a few seconds it will have retrieved the passwords of all the users on the machine!!!

If we want to protect ourselves from this tool, It could be done by following this document from the Microsoft KB: http://support.microsoft.com/kb/299656/

www.bujarra.com – Héctor Herrero – Nh*****@*****ra.com – v 1.0