HOW TO CRACK WINDOWS PASSWORD

Warning: This is for Educational purpose only. Please, if you are viewing this do not use it for illegal purpose and if you do Best4hack won't be held responsible for the consequences. So be warned!!
 
In a previous post on windows hacking, I already gave you a detailed explanation of how to bypass windows passwords with kon boot. I’m so sure a lot of you were not pleased with that because you don’t just want to bypass the victim’s login password but you also want to know it so you can just log in anytime without going through the long bypass process.
Ophcrack is an offline password cracker meaning you can use it without a connection to the internet unlike some other password crackers. It performs hybrid attacks where it uses brute force when needed or otherwise it uses dictionary attack.
Brute force is a type of attack where all possible combinations from a-z,A-Z,0-9 are tried by the brute forcing tool to achieve a password crack.
Dictionary attack is a type of brute force attack that is based on dictionary words. It tries all the words in the dictionary so if your password is a dictionary word, it is very vulnerable. Some software developers have designed some dictionary attack tools with function of a specifying a particular dictionary. For example, where I know there a lot of Naruto freaks, I may just use a Naruto dictionary attack to try to crack password of one of them. This will simply try all the characters in Naruto to see which character is used as password or Naruto term.
Now follow these steps to crack the password:
Step1:  Download Ophcrack from http://ophcrack.sourceforge.net , you can just select the version/edition of windows you want to attack. It’s totally free, no payment required.
Step2: Install Ophcrack on an empty Cd/dvd. You can also install ophcrack on your pen drive (flash drive) by using Unetbootin.
Step3: Insert your Cd or pen drive into the victim’s PC and restart it.
Step4: Just before the windows come up, go to the boot priority to select CD or USB device, depending on where you have installed it.
Note: To enter boot priority of dell laptops, press F12, on HP/Compaq press F9. For other models, you can make research about that.
Step5: Now once you’ve selected that, Ophcrack displays. You can just relax while it performs the password cracking. It may take a while so you have to be patient. As the real computer experts are always patient with it because they know the work it’s going through.
Now a table displays showing the hash. This is because our entire passwords are converted to hash and stored in SAM (system account manager). You can locate your SAM by following this path C:\windows\system32\config
So we have the LM hash meaning the LAN manager hash. Also you we have LMNT password.
The password is cracked in the table and displays a LM password and also NT password. The LM password is not case sensitive so you may get uppercase displayed on LM password column which may not be correct. The NT password column gives you the exact Case used for the password. Now you have seen the “NT password” and the crack is successful. 
 
Countermeasure
To prevent this kind of attack, you can simply implement physical security. This is when you monitor your computer and make sure it is not left alone where an attacker can try this attack.
You can also increase your password security by making your password 14 characters or more containing uppercase characters (A-Z), lower case characters(a-z), digits (0-9), symbols (&,^,$,|,~).
An example password is: bird?Bird>yes|34gle>beTter
When I tried using the tool for my 22 character password with all the other features as the one above, it produced no result. So Ophcrack is too dumb to break my security.

Related Posts:

  • USE WHATSAPP ON PC WhatsApp Messenger is a cross-platform mobile messaging app which allows you to exchange messages without having to pay for SMS. WhatsApp Messenger is available for Android, iPhone, BlackBerry, Windows Phone & Many … Read More
  • QUICKAIRTIME Launches Simpliest Way For Mobile Top-up/Airtime RechargeQickairtime is an online service designed to enable you top-up your mobile phone as quickly as possible on the go. Quick Airtime is a top-up marketplace. When users make a purchase from quickairtime.com, they are actually bu… Read More
  • GSM CODES   HOW TO KNOW ORIGINAL PHONE AND A FAKE PHONE           Before you buy a new phone dial *#06# ,it will display the serial number or IMEI number which must be 15 digits and must begin with 35. … Read More
  • HOW TO USE MOBILE CAMERA AS PC WEBCAM FOR BOTH ANDRIOD AND SYMBIAN How to use Mobile Camera as PC Webcam - Android - Symbian Online chatting has been redefined with the video chat technology and more and more webcams are taking birth introducing new and vast technology, well but side by … Read More
  • WhatsApp For Computer How to Use WhatsApp on your Computer Whatsapp is one the famous and commonly used chatting apps because of this, question on download WhatsApp for pc has been trending for a very long time which is quite okay, WhatsApp … Read More

0 comments:

Post a Comment