1

My friend told me that he can easily crack a Windows SAM file using Ophcrack.

Assuming that I have access to the whole config folder (the one which contains the SAM file) of a Windows machine, is it that easy to crack Windows passwords? Is Windows that unsecured?

Hamza Shezad
  • 29
  • 1
  • 5
  • 1
    I know that it was very easy to do this on Windows XP with a simple Linux live usb. On Windows 7 you were able to simply delete the password and log in. I have't tried Ophcrack, but I guess it's not an impossible task keeping in mind this was possible before. The utility I used was called : chntpw . Now when you say "Is Windows that unsecured?" there a lot of different things that come into play around users and passwords which doesn't make it as weak as you think. – sir_k Sep 29 '15 at 12:27
  • This does not mean that Windows is especially 'unsecured'. If I have the shadow file from Linux, I can run jtr on it and extract all the passwords, too. – schroeder Sep 29 '15 at 14:27

1 Answers1

2

With physically access its not very hard to crack or "erase" a windows machine password even if it has a bios password.

In windows XP in a most case if not fixed, you can login as a default admin in Safe Mode.

Ophcrack works by using LM hashes through rainbow tables. The program includes the ability to import the hashes from a variety of formats, including dumping directly from the SAM files of Windows.

  • Can you explain how it is easy to bypass a BIOS password? – Neil Smithline Sep 29 '15 at 14:28
  • Take the battery out, short the pins to reset the CMOS chip and then you are away. – Patrick Sep 29 '15 at 14:32
  • That works if your card has a reset pin and/or if the card requires the battery to remember the password. Many (?most?) new cards are specifically designed to be tamper proof by using things such as [non-volatile BIOS memory](https://en.wikipedia.org/wiki/Nonvolatile_BIOS_memory). – Neil Smithline Sep 29 '15 at 15:24
  • 1
    Related: http://security.stackexchange.com/questions/19665/bypassing-the-bios-password – Michael Sep 29 '15 at 15:56