Home page logo
/

basics logo Security Basics mailing list archives

restore Administrator password
From: "Huddleston, James E SPC, S-2" <james.huddleston () us army mil>
Date: Mon, 19 Apr 2004 21:56:17 +0200

Depending on the size of your company, you could have them purchase a
program called NTFSPro, it allows you to boot to dos and mount the NTFS
partition, then you just have to delete the sam file, it will reset the
admin password to blank, but it deletes all other accounts as well.  If
you write a script to run at bootup you can have it create a new account
with admin rights, then instead of deleting the sam file, just rename
it, after you create the script, re-rename the sam file back and login
with the newly created administrative account.

Huddleston, James E.

-----Original Message-----
From: ZEN
To: sec; security-basics () securityfocus com
Sent: 4/18/2004 11:47 AM
Subject: Re: restore Administrator password

umm.....if u use something of a pasword cracker...and the admin guy used
a
decent password of about 8 characters or so that are not directly out of
a
dictionary....u could get stuck for along long time cracking the
password.
Go along with the bd040116/cd040116 file i mentioned in an earlier mail
to
do it for you.
    Heres another way i found you could do it(i fiddle a lot with system
files). Goto your system32 directory and create a backup of logon.scr
and
then delete it!!!
    now rename cmd.exe(make a backup of this also) as logon.scr.
    Now logoff your computer and leave it on for abt 20 mins(patience
it'll
happen).Now instead of running the screensaver your OS will run an
unprtected command prompt where you can use the command : "net user
<name of
admin a/c> <new password>" (Note you do not need the old password to
change
it!!!!)
    This will not work while your logged on as another user as it will
return an error saying that you do not have sufficient right. But before
logging in there are no restrictions created ;-)
    It works in XP which is just a build up on Win2000/NT so it should
work
in your system.
Best of luck cracking the password.

-ZEN
----- Original Message ----- 
From: "sec" <sec () moomia com>
To: <security-basics () securityfocus com>
Sent: Saturday, April 17, 2004 2:35 AM
Subject: Re: restore Administrator password


What you need is a knopix CD from knoppix.org and get something like
lophtcack or caine
and able and you will be able to crack the password.
Depending on the password strength this could be done in a couple of
seconds or some minutes.
good luck


---------- Original Message -----------
From:
To:
Sent:
Subject:


------- End of Original Message -------


SPAM-PROTECTION KEY: kp1e9z8vqqcdmp624tflf5n5
See http://www.moomia.com/spamcheck.htm



------------------------------------------------------------------------
--
-
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert
instructors.
Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your
organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html

------------------------------------------------------------------------
--
--



------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.

Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]