SecurityXploded.com
Windows Password Kracker : Free Windows Password Recovery Software (LM/NTLM HASH).
Windows Password Kracker
See Also
Contents
 
About

Windows Password Kracker is a free software to recover the lost or forgotten Windows password. It can quickly recover the original windows password from either LM or NTLM Hash.

Windows encrypts the login password using LM or NTLM hash algorithm. Since these are one way hash algorithms we cannot directly decrypt the hash to get back the original password. In such cases 'Windows Password Kracker' can help in recovering the windows password using the simple dictionary crack method.

Before that you need to dump the password hashes from live or remote windows system using pwdump tool (more details below). Then feed the hash (LM/NTLM) for the corresponding user into 'Windows Password Kracker' to recover the password for that user.

In forensic scenarios, investigator can dump the hashes from the live/offline system and then crack it using 'Windows Password Kracker' to recover the original password. This is very crucial as such a password can then be used to decrypt stored credentials as well as encrypted volumes on that system.

'Windows Password Kracker' uses simple & quicker Dictionary based password recovery technique. By default it comes with sample password file with common password list.

However you can find good collection of password dictionaries (also called wordlist) here & here.

Though it supports only Dictionary Crack method, you can easily use tools like Crunch, Cupp to generate brute-force based or any custom password list file and then use it with 'Windows Password Kracker'.

Windows Password Kracker works on both 32 bit & 64 bit windows systems starting from Windows XP to Windows 10.

 
Features
  • Free tool to quickly recover the Windows login password.
  • Supports Windows password recovery from both LM & NTLM Hash.
  • Uses simple dictionary crack method.
  • Displays detailed statistics during Cracking operation
  • Stop the password cracking operation any time.
  • Very easy to use with cool GUI interface.
  • Generate Windows Password Recovery report in HTML/XML/TEXT format.
  • Includes Installer for local Installation & Uninstallation.
 
Installation & Un-installation
Windows Password Kracker comes with Installer to help in local installation & un-installation. This installer has intuitive wizard which guides you through series of steps in completion of installation.
At any point of time, you can uninstall the product using the Uninstaller located at following location (by default)
[Windows 32 bit]
C:\Program Files\SecurityXploded\WindowsPasswordKracker

[Windows 64 bit]
C:\Program Files (x86)\SecurityXploded\WindowsPasswordKracker
 
 
How to Dump LM/NTLM Hash & Crack it?
'Windows Password Kracker' is very easy to use tool for any generation of users.

Here are simple steps

  • Install 'Windows Password Kracker' on any system (preferably faster high end systems).
  • Use pwdump tool (here is the video link) to recover the password hashes from live or offline windows system. Sample output will be as shown below
    Administrator:500:D702A1D01B6BC2418112333D93DFBB4C:C8DBB1CFF1970C9E3EC44EBE2BA7CCBC:::
    ASPNET:1001:359E64F7361B678C283B72844ABF5707:49B784EF1E7AE06953E7A4D37A3E9529:::
    Guest:501:NO PASSWORD*********************:NO PASSWORD*********************:::
    Test:1002:D702A1D01B6BC2418112333D93DFBB4C:C8DBB1CFF1970C9E3EC44EBE2BA7CCBC:::        
Each dumped user account is in following format
   Username : User ID : LM hash : NTLM Hash :::      
On newer operating systems (such as vista, win7 etc) LM hash will be absent as it is disabled by default.
  • Once you get the password hash, you can copy either LM (preferred) or NTLM hash onto 'Windows Password Kracker'.
  • Then select the type of hash as LM or NTLM from the drop down box.
  • Next select the password dictionary file by clicking on Browse button or simply drag & drop it. You can find a sample dictionary file in the installed location.
  • Finally click on 'Start Crack' to start the Windows Password recovery.
  • During the operation, you will see all statistics being displayed on the screen. Message box will be displayed on success.
  • At the end, you can generate detailed report in HTML/XML/Text format by clicking on 'Report' button and then select the type of file from the drop down box of 'Save File Dialog'.
 
Screenshots
Screenshot 1: Windows Password Kracker is showing the recovered Password from NTLM hash.
MysqlPasswordAuditor
Screenshot 2: Detailed Windows Password Recovery report generated by Windows Password Kracker
MysqlPasswordAuditor
 
 
Disclaimer

'Windows Password Kracker' is designed with good intention to recover the Lost Windows Password.

Like any other tool its use either good or bad, depends upon the user who uses it. However neither author nor SecurityXploded is in anyway responsible for damages or impact caused due to misuse of WindowsPasswordKracker

Read our complete 'License & Disclaimer' policy here.

 
Release History
Version 4.0: 11th Dec 2016
Mega 2016 edition to support recovering login password on Windows 10 version. Also added few GUI enhancements and new Installer.
 
Version 3.1: 28th Jul 2015
New feature added to Installer to dynamically download latest version
 
Version 3.0: 26th Mar 2015
Integrated Uninstaller into Windows Add/Remove Programs, now you can uninstall it in a standard way.
 
Version 2.6: 3rd Dec 2014
Removed false positive with various Antivirus solutions
 
Version 2.5: 31st Mar 2014
Improved GUI interface with magnifying icon effects and about dialog changes.
 
Version 2.0:  21st Feb 2013
Quick help link on dumping LM/NTLM hash from system and cracking it. Fix for screen refresh problem and few UI improvements.
 
Version 1.5:  28th Oct 2012
Added support to automatically remember and restore user settings.
 
Version 1.0:  3rd Aug 2012
First public release of Windows Password Kracker.
 
 
Download
FREE Download Windows Password Kracker v4.0

License  : Freeware
Platform : Windows XP, 2003, Vista, Windows 7, Windows 8, Windows 10

Download

 
See Also