Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: nt offline passwd cracker security

  1. #11
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html

    Geez. How difficult is it to remove that final period?

    This particular tool is one I use in class when students forget their password or it gets changed during wargames. It's pretty good and I like the fact that it works off of a floppy (yes, those things still exist). If you look you'll see instructions on how to remove a password for an AD as well as AD using Win2003.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #12
    Junior Member
    Join Date
    Jun 2005
    Posts
    20
    I agree with the second reply. Without physical security there really is no security.

  3. #13
    Banned
    Join Date
    May 2005
    Posts
    47
    Originally posted here by Tiger Shark
    Treanglin:

    With physical access to the computer there is _no_ way to block the attacker. Everything you want to try to stop them is easily circumvented.... Remember, all he has to do is remove the HD, place it in a different system and boot to his own OS. Your HD is now his to do with what he wishes and his wishes probably don't equal your dreams.....
    What if your drive is encrypted? Check out loop-AES or some other data protection encryption. There are ways to ensure that even if your drive is stolen and hooked up to another machine, that the data is protected.

    There's ways of stopping people with physical access. This place is very narrow minded.

  4. #14
    Senior Member
    Join Date
    Jun 2004
    Posts
    281
    Yes, although there are many ways to ecrypt your data there is always the thought that the encryption was created by a program and at the same time can be decrypted.

    As for being narrow minded, I would check my attitude at the login prompt I have found some of the most useful and thought provoking information on here from the majority of the "old schoolers."

    WITHOUT PHYSICAL SECURITY THERE IS NO SECURITY!!!!!!!!!

    - MilitantEidolon
    Yeah thats right........I said It!

    Ultimately everyone will have their own opinion--this is mine.

  5. #15
    Banned
    Join Date
    May 2005
    Posts
    47
    You go decrypt AES or PGP without my key and get back to me on that. With a combination or encryption and monitoring it is easily possible to control physical access.

  6. #16
    Senior Member
    Join Date
    Jun 2004
    Posts
    281
    You sure you feel secure with that? Let me ask you would you be willing to put you life on the line for that statement? I don't just mean physically I mean everything to where I would physically own you and everything you ever had/have including family. (This is something my boss would ask me when I would plan for a new security level and people wonder why I am no longer working for her.)

    This is when three armed/masked men pull up in black Suburban hop out run in house grab computer (and some cookies from the cookie jar sitting on top the fridge) continue backing out slowly. They proceed to exit the house lay the computer down on the ground and put about 700 rounds in to the computer... Where is your physical security now...!!!! buuuyyaaa!!

    - MilitantEidolon
    Yeah thats right........I said It!

    Ultimately everyone will have their own opinion--this is mine.

  7. #17
    Junior Member
    Join Date
    May 2005
    Posts
    12
    This is when three armed/masked men pull up in black Suburban hop out run in house grab computer (and some cookies from the cookie jar sitting on top the fridge) continue backing out slowly. They proceed to exit the house lay the computer down on the ground and put about 700 rounds in to the computer... Where is your physical security now...!!!! buuuyyaaa!!

    - MilitantEidolon [/B]
    Okay if they want my box that bad they can have it just dont touch my cookies or else.
    Wow this registration form makes me feel stupid. Im scared to go to the forums.

  8. #18
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    To call it "NT offline password cracker" is a bit unfair.

    It is NOT a cracker and cannot be used to crack passwords. It's simply a utility that allows someone with physical access (presumably legitimately) to reset the Administrator and other passwords.

    I have used it on several occasions, for legitimate "data recovery", i.e. someone hands me an old Windows box that nobody seems to know the password for, and wants some data off it.

    It's not some sort of l3337 0-DaY Bl4ckH4t T00lz

    Slarty

  9. #19
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Slarty is correct, it has nothing to do with "cracking" it is about obtaining control of the operating system, and hence, the computer.............................and I have never heard of anyone who encrypted their operating system and got their computer to reboot

    Encryption is for data: physical security needs to be provided physically.



  10. #20
    Junior Member
    Join Date
    May 2005
    Posts
    12
    I know that it is not a "cracker" per say, it was just easier than saying "nt offline password reset tool"
    Wow this registration form makes me feel stupid. Im scared to go to the forums.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •