In genere se non si dispone di un utente con diritti di amministratore è necessario aumentare i privilegi (ad esempio, sfruttare una vulnerabilità), quindi attivare gli strumenti pw dump.
copiato da Ophcrack wiki verbatim:
"You can either enter the hash manually (Single hash option), import a text file containing hashes you created with pwdump, fgdump or similar third party tools (PWDUMP file option), extract the hashes from the SYSTEM and SAM files (Encrypted SAM option), dump the SAM from the computer ophcrack is running on (Local SAM option) or dump the SAM from a remote computer (Remote SAM option).
For the Encrypted SAM option, the SAM is located under the Windows system32/config directory and can only be accessed for a Windows partition that is NOT running. For the Local SAM and Remote SAM options, you MUST logged in with the administrator rights on the computer you want to dump the SAM."