# Install ophcrack with Homebrew, apt, dnf, MacPorts, Nix

Microsoft Windows password cracker using rainbow tables. Version 3.8.0 via Homebrew; verified 2026-06-22.

## Install

```sh
sudo av install brew:ophcrack
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install ophcrack
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install ophcrack
```

  Evidence: MacPorts ports tree: security/ophcrack/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- Debian apt (92%):

```sh
sudo apt install ophcrack
```

  Evidence: Debian stable package indexes: ophcrack from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install ophcrack
```

  Evidence: Fedora Rawhide package metadata: ophcrack from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#ophcrack
```

  Evidence: nixpkgs package indexes: pkgs/by-name/op/ophcrack/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:ophcrack
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/ophcrack>
- **Version:** 3.8.0
- **Source summary:** Microsoft Windows password cracker using rainbow tables
- **Homepage:** <https://ophcrack.sourceforge.io/>
- **Repository:** <https://gitlab.com/objectifsecurite/ophcrack>
- **Upstream docs:** <https://ophcrack.sourceforge.io/index.php>
- **License:** GPL-2.0-or-later WITH openvpn-openssl-exception
- **Source archive:** <https://downloads.sourceforge.net/project/ophcrack/ophcrack/3.8.0/ophcrack-3.8.0.tar.bz2>
- **Last updated:** 2026-06-22T14:05:46-07:00
- **Generated:** 2026-07-08T18:08:21+00:00

## Executables

- ophcrack (cli)
- ophcrack (alias)

## Dependencies

- openssl@4

## Uses from macOS

- expat

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 3.8.0
- Package-manager updated: 2026-06-22
- Local data: ok
- Upstream repository: https://ophcrack.sourceforge.io/
- info: Release/tag comparison is only available for GitHub repositories.
## Project history and usage

Ophcrack is a Windows password-auditing tool based on rainbow tables, packaged as both a GUI/CLI program and historically as bootable LiveCD images. It is best understood as the practical tool that carried Philippe Oechslin's rainbow-table time-memory tradeoff work into Windows LM and NT hash recovery workflows.

### Project history

The official site describes Ophcrack as a free Windows password cracker based on rainbow tables and implemented by the inventors of the method. The SourceForge project credits Philippe Oechslin and Cedric Tissieres, and the GitLab README describes the maintained code as an evolution of the original Ophcrack 1.0 developed at EPFL.

Ophcrack's early strength was attacking Windows XP-era LM hashes with precomputed tables. Later versions and table sets added NT hash support for Windows Vista and Windows 7-era systems, where LM hashes may be disabled or insufficient.

The project moved source hosting from SourceForge-era infrastructure to GitLab by the 3.7.x line, while the SourceForge site remained the main public download and table-distribution page.

### Adoption history

Ophcrack became a recognizable security-auditing package because it bundled an approachable GUI with the hard part of rainbow-table attacks: large precomputed table sets. The official table page documents free XP and Vista table families, including small demonstration-sized tables and multi-gigabyte sets with stated success rates.

Its use declined in many modern password-auditing scenarios as salted hashes, stronger Windows defaults, credential protections, and GPU-oriented crackers changed the threat model. The package remains historically important and still useful for authorized recovery or demonstrations against older Windows hash material.

### How it is used

Users load Windows hashes from supported formats or recover them from a target system, then point Ophcrack at compatible rainbow tables. The tool can be run interactively through its GUI or from the command line, and LiveCD images automated the boot-and-recover workflow for older machines.

The package should be handled as a security-auditing and password-recovery tool: legitimate use requires authorization, and results depend heavily on hash type, password composition, and table coverage.

### Why package nerds care

Ophcrack is notable because the package is only half the story; the data tables are the real payload. Packaging it raises the old security-tool question of whether a formula should provide the engine, the tables, the LiveCD workflow, or only pointers to external artifacts.

It also captures a specific era of password cracking, when precomputed rainbow tables were a practical answer to unsalted Windows hashes before commodity GPU cracking and better credential-storage practices shifted the balance.

### Timeline

- 2003: Philippe Oechslin publishes the rainbow-table time-memory tradeoff work that underpins Ophcrack.
- 2000s: Ophcrack 1.0 emerges from EPFL-related work and becomes distributed through SourceForge.
- 2010s: XP and Vista/7 table families and LiveCD images make Ophcrack a common Windows password-recovery tool.
- 2017: The 3.7.x line reflects the source-hosting move to GitLab.
- 2018-03-06: Ophcrack 3.8.0 is published as the release listed by the official download page.

### Related projects

- Ophcrack is related to rainbow tables, RainbowCrack, John the Ripper, Hashcat, Windows LM and NTLM hash formats, SliTaz-based LiveCD builds, and other password-auditing tools.

### Sources

- <https://gitlab.com/objectifsecurite/ophcrack>
- <https://gitlab.com/objectifsecurite/ophcrack/-/tree/master>
- <https://ophcrack.sourceforge.io/>
- <https://ophcrack.sourceforge.io/download.php?type=ophcrack>
- <https://ophcrack.sourceforge.io/tables.php>
- <https://sourceforge.net/p/ophcrack/wiki/Frequently%20Asked%20Questions/>
- <https://sourceforge.net/projects/ophcrack/>


## Security Notes

escape, surveillance, or offensive capability signal.

- **Geiger risk:** red / medium
- escape, surveillance, or offensive capability signal

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** ophcrack
- **Version Scheme:** 0
- **Revision:** 1
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Debian apt - ophcrack - 3.8.0-3+b3: normalized package name match | Debian stable package indexes: ophcrack from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | Microsoft Windows password cracker using rainbow tables (gui) | http://ophcrack.sourceforge.net/
- Debian apt - ophcrack-cli - 3.8.0-3+b3: normalized package name match | Debian stable package indexes: ophcrack-cli from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | Microsoft Windows password cracker using rainbow tables (cmdline) | http://ophcrack.sourceforge.net/
- Nix - ophcrack: normalized package name match | nixpkgs package indexes: pkgs/by-name/op/ophcrack/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - ophcrack - 3.8.0-3build4: normalized package name match | Ubuntu 24.04 LTS package indexes: ophcrack from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | Microsoft Windows password cracker using rainbow tables (gui) | http://ophcrack.sourceforge.net/
- Ubuntu apt - ophcrack-cli - 3.8.0-3build4: normalized package name match | Ubuntu 24.04 LTS package indexes: ophcrack-cli from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | Microsoft Windows password cracker using rainbow tables (cmdline) | http://ophcrack.sourceforge.net/
- dnf - ophcrack - 3.8.0-21.fc44: normalized package name match | Fedora Rawhide package metadata: ophcrack from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | Free Windows password cracker based on rainbow tables | https://ophcrack.sourceforge.io
- MacPorts - ophcrack: normalized package name match | MacPorts ports tree: security/ophcrack/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [openssl@4](https://www.automicvault.com/pkg/brew/openssl-4/) - Runtime dependency declared by Homebrew.
- [pdfrip](https://www.automicvault.com/pkg/brew/pdfrip/) - Shares av.db curated category or tags: cli, password-cracking, password-recovery, security.
- [fcrackzip](https://www.automicvault.com/pkg/brew/fcrackzip/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [hashcat](https://www.automicvault.com/pkg/brew/hashcat/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [pdfcrack](https://www.automicvault.com/pkg/brew/pdfcrack/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [truecrack](https://www.automicvault.com/pkg/brew/truecrack/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [wirouter_keyrec](https://www.automicvault.com/pkg/brew/wirouter-keyrec/) - Shares av.db curated category or tags: cli, password-recovery, security.
- [jsign](https://www.automicvault.com/pkg/brew/jsign/) - Shares av.db curated category or tags: cli, security, windows.
- [osslsigncode](https://www.automicvault.com/pkg/brew/osslsigncode/) - Shares av.db curated category or tags: cli, security, windows.
- [sequoia-chameleon-gnupg](https://www.automicvault.com/pkg/brew/sequoia-chameleon-gnupg/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, openssl, security, using.
- [sequoia-sqv](https://www.automicvault.com/pkg/brew/sequoia-sqv/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, openssl, security.

## Combined YAML source

View the package source record on GitHub. [combined/ophcrack.yml](https://github.com/automic-vault/db/blob/main/combined/ophcrack.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
