Today we experimented with the new hotness in password cracking: Ophcrack. We slapped windows XP pro, service pack 2 on an old clunker and DWORD started creating the accounts. While he did this, I made myself useful and started looking for some good XP service pack 2 exploits. Only problem with this is I forgot I was running the same thing. Needless to say, it didn’t end well. I knew I was excited about the release of Fedora Core 8 for a reason.
Now I can’t let a live boot distro of Linux go without some type of complaint and here it is: HOW CAN YOU MAKE A LINUX PROGRAM THAT CAN’T BE RUN FROM THE COMMAND LINE!? Yes, that’s right, version 2 of Ophcrack can not be run from the command line, although version 1.1 apparently can. How do you sleep at night?
Once we got the GUI up and running, all we had to do was insert the CD and watch. The easy password, MONKEY, was guessed right away. After two minutes the medium password, abw7192, was cracked. After ten whole minutes of eating pizza and plotting world destruction the hard password, x18G7Qk48Y, was cracked. Only one would remain, the insane password that contained special characters such as: $, [, ‘,.
All in all not a bad program and sure to be a script kiddie favorite; just don’t expect any magic from the command line.
-Paz
Labels: Linux, Live boot, Ophcrack, Password, Password cracking
