Ophcrack vs Windows XP

[kurt]

In my office machine, after I logged into the company domain, the Windows XP login screen becomes different than the normal ones. It requires [ctrl+alt+del] to open up a login-password box. The login that I have is given by my company. So, in this box, there's 2 main logins:

- The initial admin Windows XP login that is created during installation of the OS

- The company's NTLOGIN

So, I tried Ophcrack Live CD, and managed to get the initial admin Windows XP login password, but it did not detect the company's NTLOGIN at all.

I'm guessing the NTLOGIN's hash is not in the pc itself, but it is retrieved from the network, so Ophcrack won't work on such logins?

Question:

1. Does that mean the NTLOGIN style is not crackable?

2. If yes, how can I make such a login for my home setup, to secure up login at my home PC?

Thanks in advance!

[Sparda]

1. Does that mean the NTLOGIN style is not crackable?

No, but you will need access to the domain controller.

2. If yes, how can I make such a login for my home setup, to secure up login at my home PC?

Setup a domain controller.

[kurt]

No, but you will need access to the domain controller.

Setup a domain controller.

Hm, I am able to login even when I am not connected to the server. Seems like there should be something saved offline to verify the authentication. Can ophcrack to used to scan the offline item?

[Wetwork]

Ya its called a hash key that gets compared to the hash that lives on the Domain controler but nothing that Ophcrack can use