Nov 29, 2011
This tool is by far the most effective password recovery software that you can use for free. Best of all, the recovery process happens automatically, which is very convenient for non-technical people. The only difficulties you will have to deal with are downloading the ISO image from the Ophcrack website, properly burning the ISO image to an optical disc, and booting your computer from a CD/DVD drive. I know that you can handle these tasks on your own, so I will leave them up to you. To boot your computer from an optical drive, you might want to refer to the motherboard’s manual, which lists the key that launches the menu for changing the boot order.
By default, most BIOS settings are configured to boot first from the optical drive. If this is not the case for you, try pressing the ‘DEL’ key, which is commonly used to launch the BIOS settings menu. There are also keys (such as F8) that give you access to the ‘Boot Menu’. Using this menu, you can boot directly from a CD/DVD-ROM drive without the hassle of changing anything in the BIOS settings.
Once you have managed to boot your computer from the Ophcrack bootable CD, you can proceed to the instructions listed below.
Warning: You should use Ophcrack only on a computer/laptop that you own. Also, you should recover only a password that belongs to you. If the password or the computer belongs to anybody else, you should seek the approval of the owner before attempting to recover his/her password.
- After successfully booting from the Ophcrack CD, you should see a menu similar to the image below. You can wait for the timer to expire, or you can press the ‘Enter’ key while Ophcrack Graphic Mode is highlighted to start the process immediately. As I have told you, the whole process happens automatically. These steps are just to guide you through it so that you will know whether everything is going fine.
Note: If for some odd reason you do not see the Ophcrack menu screen, try booting again from the Ophcrack CD. If you are sure that you are doing the right thing, check that you have properly burned the ISO image to the CD or DVD. Make sure that the ISO image file is not corrupted before burning it to an optical disc.
- The next screen shows the loading of the different software that the Ophcrack application needs to recover the encrypted passwords residing on your hard drive. This process is taken care of by SliTaz, the stripped-down version of a Linux operating system.
- When all of the required sub-applications have been loaded, Ophcrack will try to locate the hard drive partition that contains the encrypted password database file. A screen will pop up and disappear quickly, so you might miss it. This stage in the recovery process is very important. If this step fails, all else fails.
- The Ophcrack window will then appear if the correct password database is found. The User column (located at the far left) lists the users that were extracted from the password database. In the NT Pwd column, you will see each password that has been recovered. If the password appears to be blank, Ophcrack has not recovered it yet. On the other hand, if the word ‘empty’ is listed, you can log in using that account without providing any password at all. To check the progress of the password recovery process, look at the ‘Progress’ bar, which becomes fully green when the whole process of recovering passwords has finished.
- If the password of the particular user account you are looking for has already been recovered, you can stop the process by clicking the ‘Stop’ button located in the top menu. Also, make sure that you have written down the recovered password before clicking the ‘Exit’ button.
- Before exiting the Ophcrack screen, remove the bootable CD from the optical disc drive. Click the ‘Exit’ button, then restart your computer.
- After logging in to your Windows user account using the recovered password, don’t forget to change it to something that you can easily remember. You can check my post here on how to create a hard-to-guess password that you can easily remember.
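
The note above asks you to make sure the ISO image is not corrupted before burning it. One way to do that check is shown here as an added example (not part of the original post and not Ophcrack's own code): it assumes the download page publishes a checksum line in the usual md5sum/sha256sum format, and the file name and sample data in demo() are constructed.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> hashlib algorithm. MD5/SHA-1 only catch accidental
# corruption; prefer SHA-256 or longer when the publisher offers it.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}


def parse_checksum_line(line):
    """Parse one 'DIGEST  FILENAME' line as written by md5sum/sha256sum."""
    digest, _, name = line.strip().partition(" ")
    digest = digest.lower()
    if len(digest) not in ALGO_BY_HEX_LEN or set(digest) - set("0123456789abcdef"):
        raise ValueError("not a recognised hex digest: %r" % digest)
    return ALGO_BY_HEX_LEN[len(digest)], digest, name.strip().lstrip("*")


def file_digest(path, algo, chunk_size=1 << 20):
    """Hash the file in chunks so a large ISO is never loaded into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_image(path, checksum_line):
    """Return True only if the file matches the published digest."""
    algo, expected, _ = parse_checksum_line(checksum_line)
    return hmac.compare_digest(file_digest(path, algo), expected)


def demo():
    """Constructed sample: a small stand-in file instead of a real ISO."""
    with tempfile.TemporaryDirectory() as tmp:
        iso = os.path.join(tmp, "example-livecd.iso")  # hypothetical name
        with open(iso, "wb") as fh:
            fh.write(b"constructed sample image contents\n" * 1000)
        published = file_digest(iso, "sha256") + "  example-livecd.iso"
        good = verify_image(iso, published)
        with open(iso, "r+b") as fh:  # simulate a damaged download
            fh.seek(100)
            fh.write(b"\x00")
        return good, verify_image(iso, published)


if __name__ == "__main__":
    print(demo())
```

If verify_image returns False, download the image again rather than burning it.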