Tuesday, April 29, 2014

System Hacking - p.10

Lab 10

Password Cracking Using Ophcrack

Ophcrack is a free open source (GPL licensed) program that cracks Windows passwords by using LM hashes through rainbow tables.

Lab Scenario

In a security system that allows people to choose their own passwords, those people
tend to choose passwords that can be easily guessed. This weakness exists in
practically all widely used systems instead of forcing users to choose well-chosen
secrets that are likely to be difficult to remember. The basic idea is to ensure that
data available to the attacker is sufficiently unpredictable to prevent an off-line
verification of whether a guess is successful or not; we examine common forms of
guessing attacks, password cracking utilities to develop examples of cryptographic
protocols that are immune to such attacks. Poorly chosen passwords are vulnerable
to attacks based upon copying information. In order to be an expert ethical hacker
and penetration tester, you must understand how to crack the weak administrator or
system user account password using password cracking tools. In this lab we show
you how to crack system user accounts using Ophcrack.

Lab Objectives

The objective of this lab is to help students learn:

■ Use the OphCrack tool
■ Crack administrator passwords

Lab Environment

To carry out the lab, you need:

■ OphCrack tool located at D:\CEH-Tools\CEHv8 Module 05 System Hacking\Password Cracking Tools\Ophcrack
■ Run this tool on Windows Server 2012 (Host Machine)
■ You can also download the latest version of LOphtCrack from the link http://ophcrack.sourceforge.net/
■ Administrative privileges to run tools
■ Follow the wizard-driven installation instructions

Lab Duration

Time: 15 Minutes

Overview of OphCrack

Rainbow tables for LM hashes of alphanumeric passwords are provided for free by developers. By default, OphCrack is bundled with tables that allow it to crack passwords no longer than 14 characters using only alphanumeric characters.
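An added example, not part of the original lab or of OphCrack: a defender-side audit of the same PWDUMP-format file the lab task loads, flagging accounts that still store an LM hash, the hash type the rainbow tables above target. The record layout `user:rid:lm:nt:::`, the placeholder text, and all sample accounts and hash values are assumptions constructed for illustration.

```python
# Added example: audit a pwdump-format export for stored LM hashes.
# Record layout assumed: user:rid:lm_hash:nt_hash:::
import string

EMPTY_LM_HALF = "aad3b435b51404ee"            # LM result for an empty 7-character half
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of the empty password

# Constructed sample input; the hash values are made up for illustration.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:11111111111111111111111111111111:::
Guest:501:NO PASSWORD*********************:31d6cfe0d16ae931b73c59d7e0c089c0:::
svc_backup:1001:0123456789abcdef0123456789abcdef:22222222222222222222222222222222:::
jdoe:1002:FEDCBA9876543210AAD3B435B51404EE:33333333333333333333333333333333:::
"""


def audit_pwdump(text):
    """Return one finding per account record in a pwdump-style dump."""
    findings = []
    for raw in text.splitlines():
        parts = raw.strip().split(":")
        if len(parts) < 4:
            continue  # blank line or not an account record
        user, rid, lm, nt = parts[0], parts[1], parts[2].lower(), parts[3].lower()
        # A real LM hash is 32 hex digits; placeholders such as
        # "NO PASSWORD***" mean no LM hash was stored for the account.
        lm_is_hex = len(lm) == 32 and all(c in string.hexdigits for c in lm)
        lm_stored = lm_is_hex and lm != EMPTY_LM_HALF * 2
        findings.append({
            "user": user,
            "rid": rid,
            "lm_stored": lm_stored,
            # LM hashes each 7-character half separately, so an empty second
            # half shows the password is at most 7 characters long.
            "max_7_chars": lm_stored and lm[16:] == EMPTY_LM_HALF,
            "blank_password": nt == EMPTY_NT,
        })
    return findings


def lm_exposed_accounts(text):
    """Names of accounts whose LM hash is present and should be remediated."""
    return [f["user"] for f in audit_pwdump(text) if f["lm_stored"]]


if __name__ == "__main__":
    for f in audit_pwdump(SAMPLE):
        print(f)
```

The Windows policy "Network security: Do not store LAN Manager hash value on next password change" stops new LM hashes from being written; an account listed here keeps its existing LM hash until its password is next changed.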

Lab Task

1. Launch the Start menu by hovering the mouse cursor on the lower-left corner of the desktop.

FIGURE 9.1: Windows Server 2012 - Desktop view
2. Click the OphCrack app to open the OphCrack window

FIGURE 9.2: Windows Server 2012—Apps

3. The OphCrack main window appears

FIGURE 9.3: OphCrack Main window
4. Click Load, and then click PWDUMP file
Fig 9.4: Selecting PWDUMP file

5. Browse the PWDUMP file that is already generated by using PWDUMP7 in the previous lab no:5 (located at c:\hashes.txt).
6. Click Open

FIGURE 9.5 import the hashes from PWDUMP file
7. Loaded hashes are shown in the following figure

FIGURE 9.6 Hashes are added
8. Click Table. The Table Selection window will appear as shown in the following figure.

FIGURE 9.7: selecting the Rainbow table
Note: You can download the free XP Rainbow Table, Vista Rainbow Tables from http://ophcrack.sourceforge.net/tables.php

9. Select Vista free, and click Install.

FIGURE 9.8: Installing vista free rainbow table

10. The Browse For Folder window appears; select the table_vista_free folder (which is already downloaded and kept at D:\CEH-Tools\CEHv8 Module 05 System Hacking\Password Cracking Tools\Ophcrack)

11. Click OK.



12. The selected table vista free is installed; it shows a green color ball, which means it is enabled. Click OK.

FIGURE 9.9: vista free rainbow table installed successfully
13. Click Crack; it will crack the password as shown in the following figure

FIGURE 9.10: passwords are cracked

Lab Analysis

Analyze and document the results related to the lab exercise


Questions
1. What are the alternatives to cracking administrator passwords?