If anyone has a moment to test something, I would greatly appreciate it.
I think the most recent version of Ophcrack for both Linux and Windows has a bug. I’ve tested this on two separate machines and am getting the same result.
The problem is when Ophcrack cracks a password that contains a colon. It’s not that it cant crack it, in fact the password does display correctly on the screen (both in the non gui *nix version on the screen as well as within the windows gui), but when it writes to an output file it mangles the colon.
It seems every time there is a colon, it replaces it with a —> Á (C1 in hex). I am 100% certain the password does not have this character and when I double check by checking the NT hash, it does contain a colon.
Bizzare, just wondering if anyone can validate my claims.
For your own testing, you can use this hash: