Results 1 to 4 of 4

Thread: NT Password Recovery Tool.

  1. September 23rd, 2002, 06:47 PM #1
    imported_Tek Weasel
    imported_Tek Weasel is offline
    Banned
    Join Date
    Sep 2002
    Posts
    89

    NT Password Recovery Tool.

    We have been using this Boot Disk around the office for a year or so now, and I would like to bring it to the attention of all Network Administrators.

    The Tool Is: Offline NT Password & Registry Editor

    What it Does:

    -> This is a utility to (re)set the password of any user that has a valid (local) account on your NT system, by modifying the crypted password in the registrys SAM file.
    -> You do not need to know the old password to set a new one.
    -> It works offline, that is, you have to shutdown your computer and boot off a floppydisk. The bootdisk includes stuff to access NTFS partitions and scripts to glue the whole thing together.
    -> Note: It will now also work with SYSKEY, including the option to turn it off!

    Why Use It?

    NT stores it's user information including crypted versions of the passwords in a file called 'sam', usually found in \winnt\system32\config. This file is a part of the registry, in a binary format previously undocumented, and not easily accessible. But thanks to a German(?) named B.D, I've now made a program that understands the registry. As far as I know, Microsoft provides no way of changing the password if you cannot log in as someone with appropriate privileges, except restoring the registry files from the rescuefloppy.

    -> You don't forget passwords?
    -> You never get boxes to admin when someone quits suddenly?
    -> Your vendor delivers a preconfigured system to you, but never have "freak" accidents and lose the password they've set on it?
    -> If so, what are you doing reading this?? Go read propaganda from your favourite software vendor instead.

    Where to get the product? http://home.eunet.no/~pnordahl/ntpasswd/
    Reply With Quote Reply With Quote
  2. September 23rd, 2002, 07:17 PM #2
    cross
    cross is offline
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    Thank you sooo much, you just saved me from moving 25 gigs of info just to reformat the machine! This tool will come in very usefull in the future here at least. I wish i could give you some AO points for this one, but unfortunatly i can not assign any yet! Props for finding this valuble info!

    Keep up the good work

    Cross
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/
    Reply With Quote Reply With Quote
  3. September 23rd, 2002, 09:13 PM #3
    SodaMoca5
    SodaMoca5 is offline
    Senior Member SodaMoca5's Avatar
    Join Date
    Mar 2002
    Posts
    236

    Password Recovery

    There are a couple of commercial password recovery tools out there (ERD Commander comes to mind). However, there is no reason to use them. This sounds like the same one I use (Rawrite), it boots into a Linux kernal on the boot disk.

    The only thing (if this is the same program) that you need to be aware of is that a little *nix may come in handy. When picking the hard drive partition you have to be able to choose the one that is running the OS. Since a lot of cheap computers set up a mini-partition for the their own installation of tools and then a second one for the OS you may have to choose. This is especially true if they shipped the computer using FAT16 even of the OS installation.

    90% of the time the default disk is the correct disk. Since the utility will skip a FAT16 disk if it sees an NTFS disk. If multiple OS's are used or if the system has multiple FAT16 partitions then it may not be. Then you have to choose the correct disk and people who are not familiar with *nix seem to have a hard time figuring out which disk that is.

    when the tool picks it mounts each partition as a disk "hda" so the full path is something similar to /root/bin/hda0, and this is the default. If that is not the main OS drive then you have to type (that's right no mouse clicking here) in the path to the correct one. Again, in my experience this is normally /root/bin/hda1

    If the computer is using SCSI drives the utility comes with a load of them but a floppy cannot hold more than a few. Therefore you will have to determine the SCSI controller and add that basic controller onto the disk as well.

    A couple of things I like about this utility. First it leaves a footprint, it does not find out what the password is it only lets you change it. Second is it is quick and easy to use. While it requires a shutdown it takes far less time than ERD Commander does (which also requires a shut down and three floppy disks). Finally it is FREE. Not only is it free but like so many Open Source programs its installation, documentation, and help are better than most commercial products.
    SodaMoca5
    \"We are pressing through the sphincter of assholiness\"
    Reply With Quote Reply With Quote
  4. September 23rd, 2002, 09:28 PM #4
    xmaddness
    xmaddness is offline
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,123
    Yep, I've used that tool many times. I've never had problems. A great tool.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules