Quiz Entry - updated: 2026.07.05
What is Ophcrack, and how does it use rainbow tables to crack Windows passwords?
Ophcrack is a free Windows password cracker that uses rainbow tables — load NTLM hashes, point it at tables, and it cracks within minutes.
The workflow:
- Get hashes — extract via pwdump →
hashes.txt - Load tables — Ophcrack ships with rainbow tables for NTLM (Vista free, Vista probabilistic, etc.)
- Load PWDUMP file —
Load → PWDUMP file - Click Crack — Ophcrack:
- For each hash, applies the rainbow-table chain reduction
- When it hits a known endpoint, recomputes the chain to find the password
- Reports plaintext alongside username
Why it's specifically for Windows:
- Targets NTLM specifically (no salt → rainbow tables work)
- Built-in PWDUMP file parser
- Tables are sized for Windows password policies (typically 6-9 chars)
Free vs paid tables:
- Vista free (461 MB) — alphanumeric only
- Vista probabilistic free — adds common patterns
- Vista special (paid) — full symbol charsets
- Vista 8 / 10 GB versions — bigger, higher hit rate
Real-world success rate:
For typical user-chosen Windows passwords (≤8 chars, no special charset awareness):
- Free tables: ~70-80% crack rate
- Paid larger tables: ~90%+
Defenses:
- Use passwords ≥12 chars (outside table coverage)
- Use unusual characters not in standard charsets
- On modern Windows, prefer Microsoft account login + Hello PIN which uses different (TPM-bound) credential storage
Tool URL: https://ophcrack.sourceforge.io/ — open source, still maintained.
Tip: Ophcrack works only on local SAM hashes — Active Directory uses Kerberos, requiring different tools (Mimikatz, secretsdump).
Go deeper:
Ophcrack (Wikipedia) — cracks LM/NTLM hashes via precomputed rainbow tables, including the Live CD workflow.