How to crack Windows XP local account passwords with a USB/Jump drive

I browsed the web, found a few failed attempts, and then found the one that worked great, and I liked. The only issue that i’ve seen is that it can only decrypt passwords less then 15 characters, but I have not tested that.

Find a jump drive, at least 1GB in size (data will be erased, so copy anything pertinent off).

Download ophcrack livecd XP 2.3.1 (note, if you want to do a Vista/Windows 7 recovery use ophcrack livecd VISTA/7 2.3.1)

Download tazusb.exe

Now that you have everything needed, we can go through setting up the jump drive as a bootable device, using the ISO’s you just downloaded. This step is very simple, you will not have to install anything, that tazusb.exe is a portable “run once” application.
So start/run tazusb.exe
hit next
browse out to the ISO you downloaded
Select the destination drive
Hit install

You should see things being copied over, and once completed, you should be safe to reboot, or plug it into the machine you do not know the password to. What I like about this ophcrack, is that once it is set up, it is 100% automated. All you need to do now is :

Boot to USB (typically pressing F12 before splash screens will get your boot device options)

Select your jump drive

Select automatic

[zp src=”ophcrack1.jpg” album=”blog/ophcrack/” width=”600″]

You’ll see some text go by

[zp src=”ophcrack2.jpg” album=”blog/ophcrack/” width=”600″]

Now you just wait, while it brute forces the passwords for you. What I like about this, is that you do not even need to select what you want, it will brute force all of the accounts on the computer.

[zp src=”ophcrack3.jpg” album=”blog/ophcrack/” width=”600″]



ophcrack project homepage

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.