Tuesday, November 27, 2007

ophcrack, all is not lost

Remember Lophtcrack, that's all that's left, a memory. Symantec stopped development. I ran into a few situations where customers needed access to PCs where they didn't have access to the admin password. In both cases an employee left the company and did not pass on the admin passwords. I have 2 solutions that may help.

This is essentially a 2 step process.

1.) get the SAM file from the machine you are locked out of.

2.) Use one of the 2 methods below to crack the file.

A third method involves just replacing the ADMIN password.

» Runs on Windows, Linux and Mac OS X (intel).
» Cracks LM and NTLM hashes.
» Free tables available for alphanumeric LM hashes.
» Loads hashes from local SAM, remote SAM.
» Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.

LC5 attacks your Windows machine with a combination of dictionary and brute force attacks.
LC5 can crack almost all common passwords in seconds. More advanced passwords with numbers and characters takes longer.
The main purpose of the LCP program is user account passwords auditing and recovery in Windows NT/2000/XP.

Another alternative is to simply reset the Admin password:

No comments: