Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 27

Thread: locked windows XP..

  1. #11
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Google is always good at finding this stuff


    Always wished MS would allow a UNIX like single user mode from console to change admin
    password if lost or forgotten..
    That becomes a security risk when you think about it. And if MS wants to meet the needs of the US Gov, this may be part of the reason why. In addition, many of the *nix environments are putting passwords on single user mode, so this may become a thing of the past.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #12
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    Originally posted here by Spyder32
    Hrmm, where can I get this "Passware" program. I'd like to see it and it's website, etc because that program look's (well, sounds like) as if it could be used the wrong way. For instance, a hacker could easily use it on a school computer or his home computer to get admin privledge's because his mom/teacher/admin set a password. He would use that to make the password reset, so that program seem's like it could be used the wrong way.

    http://www.lostpassword.com/

    Yes it can be used for evildoing.

    With the good always comes the bad..

  3. #13
    Senior Member
    Join Date
    Jun 2002
    Posts
    174
    Well...since the default Administrator password has been compromised, I suggest one of two things:

    1) Do the reformat suggested by the above.
    2) Preform a good, ol' fashion hack against the box.

    The second may seem like a waste of time, but it might be a good learning experience. Boot up into a CD based Linux, copy the SAM file, extract the password hashes, and perform dictionary and, if need be, brute force attacks.

    If you decided to format the drive with fat32 during the initial installation, you may be able to get the SAM by just dragging it off the HD while mounted as a secondary drive.

    Or, if you feel less adventurous....just copy important files...and reformat...BORING...
    Another bad thing about this is that you cannot retrieve your old files if they used EFS encryption on the drive. You can't get the old files back unless you get the original password anyway....
    I\'m back.

  4. #14
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    That becomes a security risk when you think about it. And if MS wants to meet the needs of the US Gov, this may be part of the reason why. In addition, many of the *nix environments are putting passwords on single user mode, so this may become a thing of the past.
    Goes without saying...

  5. #15
    the link specified in the earlier post .. explains how to use the tool... and its actually pretty simple.. just like working with a wizard... the possiblity of misuse cant be denied.. but lets hope tht it is used for good only..
    [shadow][gloworange]there are 10 types of people in this world,
    those who understand binary...and those who dont.[/gloworange][/shadow]

  6. #16
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    The way I look at it, the box has physically been owned...............so you don't know what is or is not on it? It has been owned by a known malicious person?

    Or, if you feel less adventurous....just copy important files...and reformat...BORING...
    I am afraid that is the standard recommendation in these circumstances from a purely security aspect.

    Cheers

  7. #17
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    I take it that you now can access the admin account? That tool is surprisingly easy and is probably used by both white and black hats. There is another link there on how to deal with the AD server if the password is forgotten. We experimented here at the school and I was showing it to a colleague. We were amazed as to how easy it was to reset the password (without a boot disk) for the AD (took us about 2 min due to reading comprehension issues). Granted you can take a longer method (the linux bootdisk, copy the same and try to find the right hash) but the real world often is a "NOW" concept. Sometimes tools just work better.

    The way I look at it, the box has been physically been owned...............so you don't know what is or is not on it? It has been known by a known malicious person?
    This is an important point to consider. A check of the box for things like viruses, trojans etc. might be worthwhile. While he may have locked out the admin account, it is possible he did more. A reformat will guarantee you catch everything but perhaps it might be worthwhile to see if you can find it without resorting to a reformat just yet.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #18
    Senior Member
    Join Date
    Jun 2002
    Posts
    174
    I would only suggest my option if there were EFS encrypted files that he "needed" to get access to.

    Seeing as how these people appear to be nothing more than "learned" users at best, I would assume they do not.
    I\'m back.

  9. #19
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    With the good indeed come's the bad, but that Passware program sounded more to me as if it was meant more for malicious intention's. I mean, think of like a program description for it.

    This program reset's the admin's password. 1337 r1gh7??
    Space For Rent.. =]

  10. #20
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Peter utility will "blank" the password
    *nix box nowadays stop that "single user root password reset" because it was really dumbass to do that. You can avoid that
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •