Warning: This is for educational purposes only. If you are viewing this, please do not use it for illegal purposes; if you do, Best4hack won't be held responsible for the consequences. So be warned!!
In a previous post on Windows hacking, I gave you a detailed explanation of how to bypass Windows passwords with Kon-Boot. I’m sure a lot of you were not pleased with that, because you don’t just want to bypass the victim’s login password; you also want to know it so you can log in anytime without going through the long bypass process.
Ophcrack is an offline password cracker, meaning you can use it without a connection to the internet, unlike some other password crackers. It performs hybrid attacks: it uses a dictionary attack and falls back to brute force when needed.
Brute force is a type of attack in which the brute forcing tool tries all possible combinations of a-z, A-Z and 0-9 until it cracks the password.
A dictionary attack is a type of brute force attack that is based on dictionary words. It tries all the words in the dictionary, so if your password is a dictionary word, it is very vulnerable. Some software developers have designed dictionary attack tools that let you specify a particular dictionary. For example, where I know there are a lot of Naruto freaks, I may use a Naruto dictionary to try to crack the password of one of them. This simply tries all the Naruto characters and terms to see which one is used as the password.
Now follow these steps to crack the password:
Step 1: Download Ophcrack from http://ophcrack.sourceforge.net; you can select the version/edition of Windows you want to attack. It’s totally free, no payment required.
Step 2: Install Ophcrack on an empty CD/DVD. You can also install Ophcrack on your pen drive (flash drive) by using UNetbootin.
Step 3: Insert your CD or pen drive into the victim’s PC and restart it.
Step 4: Just before Windows comes up, go to the boot priority menu and select the CD or USB device, depending on where you have installed it.
Note: To enter the boot priority menu on Dell laptops, press F12; on HP/Compaq, press F9. For other models, you can research the key.
Step 5: Once you’ve selected that, Ophcrack displays. You can just relax while it performs the password cracking. It may take a while, so you have to be patient. The real computer experts are always patient with it because they know the work it’s going through.
Now a table displays showing the hash. This is because all our passwords are converted to hashes and stored in the SAM (system account manager). You can locate your SAM by following this path: C:\windows\system32\config
So we have the LM hash, meaning the LAN Manager hash. We also have the LMNT password.
The password is cracked in the table, which displays an LM password and also an NT password. The LM password is not case sensitive, so you may get uppercase displayed in the LM password column, which may not be correct. The NT password column gives you the exact case used for the password. Once you have seen the “NT password”, the crack is successful.
Countermeasure
To prevent this kind of attack, you can implement physical security: monitor your computer and make sure it is not left alone where an attacker can try this attack.
You can also increase your password security by making your password 14 characters or more, containing uppercase characters (A-Z), lowercase characters (a-z), digits (0-9) and symbols (&, ^, $, |, ~).
An example password is: bird?Bird>yes|34gle>beTter
When I tried using the tool on my 22-character password, with all the same features as the one above, it produced no result. So Ophcrack is too dumb to break my security.
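The length rule above and the uppercase LM column described earlier can be checked together. The following Python check is an added example, not part of the original post: it shows the text LM would hash for a candidate password (upper-cased and split into two 7-character halves) and whether the password is too long for LM, which only covers up to 14 characters. The function names and the first two sample passwords are constructed for illustration, and ASCII passwords are assumed.

```python
import string

LM_MAX_LEN = 14    # LM only covers passwords of up to 14 characters
PAGE_MIN_LEN = 14  # minimum length recommended in the countermeasure above

# The four character classes named in the countermeasure.
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def missing_classes(password):
    """Character classes from the countermeasure that the password lacks."""
    return [name for name, chars in CLASSES.items()
            if not any(c in chars for c in password)]

def lm_halves(password):
    """Text LM would hash: upper-cased, padded to 14, split 7 + 7.

    Returns None when the password is too long for LM (15+ characters),
    in which case only the case-sensitive NT hash represents it.
    Assumption: ASCII input.
    """
    if len(password) > LM_MAX_LEN:
        return None
    padded = password.upper().ljust(LM_MAX_LEN, "\0")
    return padded[:7].rstrip("\0"), padded[7:].rstrip("\0")

def audit(password):
    """Check a candidate password against the rule above and LM exposure."""
    halves = lm_halves(password)
    missing = missing_classes(password)
    return {
        "meets_page_rule": len(password) >= PAGE_MIN_LEN and not missing,
        "missing": missing,
        "lm_eligible": halves is not None,
        "lm_halves": halves,
    }

if __name__ == "__main__":
    # Two constructed sample passwords, plus the example quoted above.
    for pw in ["Summer2019", "Tr33-house|Owl", "bird?Bird>yes|34gle>beTter"]:
        print(repr(pw), audit(pw))
```

A password of exactly 14 characters can satisfy the rule above and still fit within LM as two independent uppercase halves; at 15 characters or more there is no LM form at all.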