[Guide] Ophcrack Live 2.3.1

[Netshroud]

Download Ophcrack LiveCD

Booting Ophcrack is rather simple. Simply extract the 'boot' folder from the ISO to any location, rename as you wish. I used /boot/boot.ophcrack for this. The boot folders from the XP and Vista ISOs are the same, so just use one.

Ophcrack also needs the tables. I put them in the root of the drive so that they are automatically detected, however you can move them and then point Ophcrack at them manually. This is the 'tables' folder in the ISO. You can extract tables from the other ISO (XP or Vista, whichever you didn't do already) into this folder on your USB, and load them from there. If they are in /tables, Ophcrack will automatically detect them.

Then add this to your config file:

Grub Legacy and Grub4DOS:

title Ophcrack Live 2.3.1
kernel /boot/boot.ophcrack/bzImage rw root=/dev/null vga=normal lang=C kmap=us screen=1024x768x16 autologin
initrd /boot/boot.ophcrack/rootfs.gz

Grub2:

menuentry "Ophcrack Live 2.3.1" {
  linux /boot/boot.ophcrack/bzImage rw root=/dev/null vga=normal lang=C kmap=us screen=1024x768x16 autologin
  initrd /boot/boot.ophcrack/rootfs.gz
  }

Syslinux:

MENU LABEL Ophcrack Live 2.3.1
KERNEL /boot/bzImage
APPEND initrd=/boot/rootfs.gz rw root=/dev/null vga=normal lang=C kmap=us screen=1024x768x16 autologin

[~JC~]

this doesnt work for me.

[Netshroud]

What error message are you getting, and where are you getting it?

[~JC~]

it was a problem with the directory name. i dont have the boot.ophcrack directory. i took that out and it works fine..

i would also like to add, if you want to put OPHcrack in its own file, just to "clean up," you need to modify the ophcrack.cfg file with the correct file names, and your also gonna have to modify the MD5 checksum and your menu.lst. simple really. just a pita.

[Trip]

is there anyway to make ophcrack not readonly ?

[H@L0_F00]

You'll have to do some digging through the initrd. I heard that Live CDs on USB that mounted the USB as rw were prone to VERY early deaths do to many write-cycles.

You will have to find the part where the script auto-mounts the drives. To get started, you can see how I messed with the initrd of both Ophcrack and BT4 to get them to do what I wanted.

Edited April 11, 2010 by H@L0_F00

[Trip]

cheers for the advice i posted a message on the ophcrack forum yesterday .... will wait to see if i get a reply.

ill check your links out too

^^ you mentioned in your post 'too many write cycles' <<< so you mean you can frazzzle usb stick using them to boot from ?

will let you know if ophcrack replies ;)

tbh its darn annoying not being able to save the files to usb ... there are going to be occasions when you need to grab data fast ... ie... save the hashes to disk for analysis later .... you'd think it common sense to be able to save the data

.... would it be possible to install ophcrack to cdlinux ? this would save alot of hassle :)

i think this should be pretty straight forward ... i just checked the site and grabbed the source ... will try installing in a mo ;)

Edited April 12, 2010 by Trip

[Trip]

i found this ... http://linux.dell.com/wiki/index.php/DRU_D...stering_Utility

im going to see if i can get it to work with ubuntu first ... then back track ... if that works ill try cdlinux

[H@L0_F00]

Booting from a flash drive doesn't (usually) write anything to the drive, so no, booting from it won't mess it up. It's the writes to the drive that degrade the cells, which will eventually become unusable after many, many writes. It doesn't just stop working all of a sudden, you will just notice lose of usable storage as time goes by due to some cells dying here and there. You can do more research on it for a better explanation.

I can't remember where I found the info, but it was talking about how mounting it synchronously might result in many writes to the disk. To prevent this, you could mount it asynchronously, but that would mean having to make sure you shut it down properly EVERY TIME... Which is not always possible when you have limited time/privacy to do what you need to do or grab what you need to grab.

Also, good find on the DRU.

[Trip]

no way i never even knew about cell degradation will wiki it later

Also, good find on the DRU.

it looks like just the ticket but i couldnt get it to function on ubuntu :(

if you have any success please let me know what you did ;)

[tomly]

Hello.

As it's my first post I'd like to say "Trust your technolust" to everybody.

Now I'm getting to the point. I've been trying to get Ophcrack 2.3.1 working on my USB drive.

That's my tree:

f:disk

-menu.lst

-grldr

-tables:

--VISTA_FR:

---MD5SUM,...and so on;

-boot:

--ophcrack:

---BZIMAGE,...and so on.

My GRUB4DOS entry is:

title Ophcrack Live 2.3.1

kernel /boot/ophcrack/bzImage rw root=/dev/null vga=normal lang=C kmap=us screen=1024x768x16 autologin

initrd /boot/ophcrack/rootfs.gz

Everything goes fine until Ophcrack is booted and window with directories of tables and hashes appears. At that moment i get segmentation fault.

I've no idea what's wrong. I hope you could help my solve this annoying issue.

tomly

Edited April 16, 2010 by tomly

[ElverK]

I know this has been left untouched for sometime, but I would like to know if you, tomly, were able to fix the "Segmentation fault" issue.

If not, does anyone know what is causing this and how to fix this?

I've tried about every way described in this forum to install Ophcrack on my flash drive and it still gives me and other tested computers the Segmentation fault error.

[Charles]

I've had no problems at all with Ophcrack. I even changed the location of the /tables/ directory using the guide here.

My menu.lst looks like this:

### OphCrack XP/Vista/7 ###
title OphCrack
configfile /multipass/ophcrack/ophcrack.lst

ophcrack.lst

title Ophcrack Graphic mode - automatic
kernel /multipass/ophcrack/bzImage rw root=/dev/null vga=normal lang=C kmap=us screen=1024x768x16 autologin
initrd=/multipass/ophcrack/rootfs.gz

title Ophcrack Graphic mode - manual
kernel /multipass/ophcrack/bzImage rw root=/dev/null vga=normal autologin
initrd=/multipass/ophcrack/rootfs.gz

title Ophcrack Text mode
kernel /multipass/ophcrack/bzImage rw root=/dev/null vga=normal screen=text autologin
initrd=/multipass/ophcrack/rootfs.gz

title Main Menu
root (hd0,0)
configfile /menu.lst

Directory structure:

[vista_free]
[xp_free_fast]
[xp_free_small]
bzImage
ophcrack.lst
rootfs.gz

[WhiteTiger]

If You All Want To Get It Working On A Boot To Iso Here Add Iso To Your USB And Add This To Menu.lst

title OphCrack 2.3.1 (Windows Password Cracker)

find --set-root /ophcrack-vista-livecd-2.3.1.iso

map /ophcrack-vista-livecd-2.3.1.iso (0xff)

map --hook

root (0xff)

kernel /boot/bzImage rw root=/dev/null vga=normal lang=C kmap=us screen=1024x768x16 autologin

initrd /boot/rootfs.gz

[ptl161]

I've tried about every way described in this forum to install Ophcrack on my flash drive and it still gives me and other tested computers the Segmentation fault error.

key man insurancebrake repair estimateAdidasFranzösisch ÜbersetzungenDirect Line Promotional Codecharm bracelet charmProperty Management Directoryheel painUK offersdragon age 2altium designer trainingExtended Warrantyresidential moversMississauga Real EstateSign Flagsequity release schemesoptikerWeb design firmsbreast enlargementcharm braceletsoem cd changercornish pasty franchiseshipping insuranceMyrtle Beach Short Salehealth insurance Michiganwebsite designOmega 3 oilsjane iredale

Edited January 17, 2011 by ptl161

[konsti4u]

Hi guys, i found a solution (the solution?)

The problem i had was because of the unpacker (WinRar)! WinRar unpacked all files in uppercase and some files get different names (vmlinuz-2.6.29.3-slitaz -> VMLINUZ_.3_S) while unpacking the .iso file. Then i used 7zip, copied the files to usb and everything works like a charm!

If you already copied files to the usb disk, you have to delete them first, overwrite it won't work and the files will get the old uppercase name, if you do. You have to delete them first manually!

I hope this helps some of you!

[konsti4u]

(This was my workaround/fix for the segmentation fault error)