How to Hack the Windows Admin Password Using OphCrack in Backtrack tutorial

Posted: January 23, 2013 in Uncategorized

If you are college/school students, you may curious to hack the admin password in your college or school system. This post is going to help you to crack the any type of windows accounts passwords. Learn how to hack the windows admin password like a geek.

Requirements:
BackTrack Linux 4 or 5. Download it from http://backtrack-linux.org
Two Pen drives [if you are going to test in your own system, one pen drive is enough]
Xp Free Fast RainBow table [tables_xp_free_fast.zip]. Download it from here:http://ophcrack.sourceforge.net/tables.php

Install the Backtrack Linux in one pen drive. Leave another pen drive as empty.

Step 1: Booting From Back Track
Insert the Backtrack installed pen drive in target computer[when turned off]. We are going to boot the operating system from pen drive, so insert when the system is turned off.
Now Turn on the system.
Press F10 [boot menu, differs for system] before booting and select boot from Pen drive.
Now it will boot the Backtrack.
Select “Graphical User Interface “
Now wait for a while ( it will execute some commands}
Now you can see the “root:”
type “startx” and hit enter. It will bring you to the GUI view of Backtrack.

Step 2:Copy the SAM and System files
Click the Start button(dragon symbol)
Select System Menu
Select Storage Media(if you see nothing, close the window open it again).

You can see the list of Hard disk and Your pen drive.
Open the windows installed Hard disk and Navigate to this path:
WINDOWS/system32/config/

There you can see two files named as “SAM” and “System”.

Copy the both SAM and system files.
[ Just proceed to next step without closing the window]

Step 3:Insert your Empty Pen Drive
Now again go to System Menu->Storage Media
Open Your pen drive(Empty Pen drive) ,Create a new folder and paste the sam and system files inside that folder

[note: you may not paste into your backtrack installed pen drive. that’s why i asked you to bring 2 pen drives. If you testing in your system, then you can copy to any other hard drive.]

You can not directly copy the sam and system files from same operating system. That’s why we are using Backtrack.

Step 4:Now go to your home.
Boot into windows. Extract the “tables_xp_free_fast.zip” in any hard drive.
Copy the folder that contains sam and system files from your pen drive.
Paste in any hard drive.

Restart the windows.
Insert the Backtrack installed pen drive and boot from Pen drive.

Step 5: Mounting the Hard drive in Backtrack

Now go to System Menu->Storage Media(if you see nothing, close the window open it again).
and open the hard drives that contains sam files and rainbow tables. Then close it.

Don’t be confused. I asked you to open those hard drive for mounting purpose. In linux , it won’t mount automatically until you open the drive

Step 6: Run OphCrack Tool in Backtrack
Open the ophcrack GUI(start->Backtrack->Privilege Escalation->Password Attack->offline Attacks-ophCrack GUI).

Ophcrack GUI application will run now.

Step 7: Loading the folder that contains sam and system files

Click the Load and select “Encrypted SAM” in ophcrack tool.
Now it will ask you to select directory that contains SAM folder.

[Select Computer in file selecting window. click ‘/’ browse to /media/your_Hard_Disk]
Select the directory(don’t open the directory, just select it).

Now it will load and display the list of user accounts in the windows.

Step 8: Target the Admin Account
Here i am going to hack the one of the administrator account “secure” of my computer.
So remove all other accounts except the target admin account.[This is not necessary, but it will increase the cracking speed] by clicking delete button.

Step 9: Install the Rainbow Table
Now let us install the Rainbow table.
Click the Table button in ophcrack tool.
Now it will ask you to selec the table.
we are going to crack windows password right?. So choose the first one. and click the install button.
[note: i have installed the rainbow table already. So it showing green.]

Now browse to the Rain bow table directory. I mean to the “tables_xp_free_fast” folder.
[here also, don’t open the foler, just choose it]

now click ok.

Step 10: Cracking Begins
Click the Crack button.
Wait for a while [ophcrack is the fastest cracking tool. so it won’t take too much time]

Step 11: Password is cracked
Yes..!! we got the password. Now go to your school/college and login with that password.
Enjoy. Don’t forget to share with your friends. This is interesting one na..!
Actually i missed the fun. I didn’t know this hack when i study in college. if i know that time itself,
i may have fun with my college system.

Using Backtrack Installed CD Or single Pen drive:
You will need only one pen drive, if you are going to hack the admin password in the target system itself. Don’t forget to bring the rainbow table in your backtrack pen drive in this case.

you can use cd instead of Pen drive for backtrack installation.
If you use cd, you can not bring the SAM file to your home. You have to crack it in that computer itself

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s