Hi, i'm completely new to this. forgive my ignorances... haha

ok, so my friend challenged me to figure/crack his windows XP logon password, and has told me it's 20 characters. i should also add that he is only using alpha numeric, and i'm not sure with or without lowercase, etc.

I figure brute force on any computer would take too long, and i need something that could work in perhaps 30-45 minutes tops.

I have ophcrack, but it only works for up to 14 characters.

my question is, does anyone have a link to a table or something that i can use that would enable me to do this?

Lets see, someone check this please assuming LowerCase + Nums only

(36^20)/2 000 000 000/60/60/24/365
=2.119402355854219632775058025205479452054794520547945205479452054794520547945205479452054794520547945205479452... x 10^14 Years

Assuming you are using GPU acerleration cracking at 2 Billion passwords/sec

Your best chances would be to use wordlists of length 20? or combine lists to get you length 20 words.
Looks like bruteforcing is definately out of the question.

/offtopic

you noticed 47945205 repeats?

2.119402355854219632775058025205479452054794520547945205479452054794520547945205479452054794520547945205479452

now all the math gurus here are going to write a long reply why that is. j/k :p

... because you are dividing two integers (rational number) and the divisor has prime factors that are not 2 and 5.

i don't know what that means but awesome nonetheless

ok, so bruteforcing is way out of the question, and i knew that.

but does anyone know how i can make a table perhaps that would specifically cater to this? 20 characters long, aplha numeric, probably works with a word list, and is either physics or chess related.

When you generate a table, you'll need more computing power then when you bruteforce the same keyspace once. Generating a table for "single use" only is not worth it.

In this case, you're playing a guessing game. Your friend thinks of a password or -maybe- a simple sentence and you need to guess it. So badger him for more clues

your best chance would probably be to install a keylogger on your friends computer because you're really not left with much of a choice, either wordlists +rules, word combinations pretty much.

Screw that, all you need is a rubber hose: http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis

that's the way to do it !

haha i don't think i'll be using the rubber hose method..

any tips on a keylogger? i don't know too much about them, but i'd prefer one that would record all keystrokes from the moment of XP loading, so i get his login, and then send me the file in an email or something periodically.

well when i said keylogger i was thinking more on the lines of something like this

http://cgi.ebay.com/KEYLLAMA-VALUE-USB- ... 51904f2fc7

though i'm sure software ones will suffice providing your friend isn't running any antivirus apps.
If i recall perfect Keylogger by blazing soft, doesit via a keyboard driver so yes it picks up the key when he logs in.

Perfect Keylogger also have a LITE edition which is free for home use.

yea i'm not a hardware person... especially since he's using a laptop.

sorry for double posting, but do you know of any free keyloggers? perfect keylogger only works on a trial version, which isn't that great for long term keylogging...

no offensive hacking here. move your questions to another forum.