-
June 21st, 2006, 08:35 PM
#1
Member
Safely change Admin password XP NTFS
Not sure where to put this question, so I'll just tick it here.
Yes this question, has been asked, but I want to know about the chances of data loss from this method.
Yesterday I was asked to look at someones computer, they want important files from the hard drive. I discover after getting the drive home that it is NTFS, The folders I want to access are protected folders by the NTFS filesystem. I have little experince with this system.
Not even sure an Admin password has been set but one thing is for sure, NTFS is restrincting my acess to Documents and Settings/user
I finished reading how to use Knoppix and chntpw to change the Admin password since the owners have no clue what the pass is. The problem with the Knoppix method I have is two part.
1) It requires using "Captive NTFS" which they say is experimental and to backup your data first, I can not backup the data because of access permisions. And this person realy wants her files, I cannot risk looseing them. If I could be asured by someone who has tested this method that it works without problems that would make me feel beter about trying it.
2) Some reason my newly built PC is not loading Knoppix from the CD, it simply freezes, or locks at the Penguin. My other PC is very old and locks up prosumably because it dont understand NTFS.
Has anyone tested the Chntpw method with knoppix + Captive NTFS?
Why in the world minght Knopix not work on a brand new PC? (See Specs in sig)
Does anyone have any recomendations? Cannot risk data loss.
Im not realy asking how its done, only whats safe, please no flams, its already hot outside.
MyBox:
Asus P5VDC-MX
Celeron 2.8GHz
512MB DDR 400
WD 250GB SATA
DVD-ROM, CD-RW
Thermaltake 430W PSU
Netgear WGT624 Router
-
June 21st, 2006, 11:34 PM
#2
Yesterday I was asked to look at someones computer, they want important files from the hard drive
What is the problem with the PC - is the Hard drive knackered?
Can you still log on as any user with admin rights?
You can reset a Windows XP admin password with a boot disk, then log on as the local admin and have access to everything.
http://www.loginrecovery.com/ - £10 fee for it
http://ebcd.pcministry.com/ - can back up the files too
http://sourceforge.net/projects/austrumi - live linux CD made for this very reason
http://home.eunet.no/~pnordahl/ntpasswd/ - My favorite for this type of thing - remove the admin pasword rather than reset it and log on as admin with no password - very easy to use and has good instructions.
This is porviding the hard drive isn't up the swany. Once you have logged on as the local admin, you can export any file you like.
enjoy!
-
June 22nd, 2006, 12:27 AM
#3
Member
What is the problem with the PC - is the Hard drive knackered?
Problem was Blue Screen of Death, Repair Install of xp gets me in, but not long after the blue screen apears, and cannot boot without help from Repair install. I suspect it might be the game he aparently installed, he claims everying worked untill he installed the game.
Anyway the drive works fine as a slave drive in my work computer. its just accessing the folders I need.
The owner then tells me she don't care about the computer, she just want's her files. I ask to bring the Hard drive home with me so I can work on retrieveing her files. Then I plan to reformate, fresh install and check things out in detail. After the backup.
Gona try the ntpasswd utility you mention first since it apears to be safer. I greatly apreciate the help, will let everyone know what hapens.
Currently downloading latest Knoppix, after checking cd with Nero SpeedCD, no damaged sectors, so disk is fine, and its always worked in other computers, hopefully version 5 will work beter
MyBox:
Asus P5VDC-MX
Celeron 2.8GHz
512MB DDR 400
WD 250GB SATA
DVD-ROM, CD-RW
Thermaltake 430W PSU
Netgear WGT624 Router
-
June 22nd, 2006, 05:25 AM
#4
Member
Another tool
I like to use Ophcrack2 on computers that I get when the owner forgot to tell me that it's pasword protected.
Ophcrack Live CD
The Ophcrack LiveCD is a bootable Linux CD-ROM containing ophcrack 2.2 and a set of tables (SSTIC04-10k). It allows for testing the strength of passwords on a Windows machine without having to install anything on it. Just put it into the CD-ROM drive, reboot and it will try to find a Windows partition, extract its SAM and start auditing the passwords.
Getting it
You can download the ISO image from SourceForge mirrors.
Home Page http://ophcrack.sourceforge.net/
download http://prdownloads.sourceforge.net/o...0.iso?download
It's fairly fast and keeps me from having to reset any passwords.
You can\'t squeeze cheese from a goat before it\'s hatched.............
-
June 22nd, 2006, 07:01 AM
#5
Howdy.
I usually use Helix: http://www.e-fense.com/helix
it has a heap of options that can be used. it' is able to take an image of the hard drive that is selected and it will put the image where you want it put.
it also has a lot of cool password reseting tools. and you can use it while still logged in windows.
just boot up, log into windows, insert CD and off you go.
or you can also just boot up the computer and boot into Helix.
cheers
f2B
-
June 22nd, 2006, 07:09 AM
#6
-
June 22nd, 2006, 10:43 AM
#7
2) Some reason my newly built PC is not loading Knoppix from the CD, it simply freezes, or locks at the Penguin. My other PC is very old and locks up prosumably because it dont understand NTFS.
The machine itself has nothing to do with not being able to understand NTFS. It is a filesystem, that's handled by the OS that gets loaded. You could have an issue with the harddrive being to "big" for the BIOS.
The reason you're getting an "Access Denied" is because the SID is different. Windows uses SIDs to differentiate accounts. Not accountnames. So "Administrator" on one machine isn't the same as "Administrator" on another because the SIDs are different.
You can access the files by "resetting" the Access Control List. You can do that simply by "taking ownership" of those files.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
June 22nd, 2006, 11:47 AM
#8
I would second the OFFLINE NT PASSWORD & REGISRTY EDITOR BOOT DISK. There is a link on Zowned.com
-
June 22nd, 2006, 02:15 PM
#9
As you have the disk in a computer where you are the administrator go with what sir dice said. right click on the disk go to the security tab, advanced options and take ownership of the disk. Dont forget to allow to replace authorisations on the child folders. You should have acces to all the files on the disk.
\"America is the only country that went from barbarism to decadence without civilization in between.\"
\"The reason we are so pleased to find other people\'s secrets is that it distracts public attention from our own.\"
Oscar Wilde(1854-1900)
-
June 22nd, 2006, 10:36 PM
#10
Go with what MURACU said, resetting the password is unlikely to help you, however you may need to boot into safe mode to access some of the security/ownership features, particularly with XP Home.
I\'m Dying To Find Out The Hard Way
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|