Cracking Windows 2000 And XP Passwords With Only Physical Access

**yumingtian** · December 13th, 2004, 06:58 AM

I think this is a great tutorial. There are just a few minor glitches that I had to change before I could crack my win2k password. REMEMBER, this is WINNT and the windows dir is not WINDOWS, it is WINNT or /mnt/hda1/WINNT/SYSTEM32/config/sam

I also couldn't install Cain because I didnt have administrative access, so SAMInside works, but is very slow.

I wonder if there is any way of deciphering the hashes - an algo or something - and then it will only be a matter of seconds before the password is cracked.

You didn't mention (for people that might not know) about running knoppix in runlevel 2

Great tutorial otherwise.

**spazzmatrix** · December 13th, 2004, 11:52 PM

Nice tut. No matter how many time I read a similar tut I learn something new with each one.

Good advice for someone without a live cd, and the right access rights.

**yumingtian** · December 14th, 2004, 06:13 AM

Oh, I did some research into the hashes and found out it does a one-way XOR on the password once it has been encrypted by another means, so It could be impossible to crack the hashes without bruteforcing it.

**White Scorpion** · December 15th, 2004, 07:33 AM

it IS impossible to crack it without brute force... HOWEVER, not long ago there is suppose to be one person who has cracked the md5 alghorithm (meaning he is able to reverse it), but if this is really true i do not know..

***Irongeek*** · March 22nd, 2005, 03:53 AM

Continued here http://www.antionline.com/showthread...hreadid=267039

Thread: Cracking Windows 2000 And XP Passwords With Only Physical Access

Thread Tools

Display

Posting Permissions