Forgotten Password??
Results 1 to 10 of 10

Thread: Forgotten Password??

  1. #1
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    238

    Unhappy Forgotten Password??

    hi its me again.

    some how the passwords for the family pc got changed , in fact it was never password protected, as far as i know. but now there is a password on all accounts even the administrator one . and no one seems to remember the passwords. we recently changed firewalls, which i doubt has anything to do with it, from zone alarm to comodo. is it possible that some one can access the computer via internet and change our passwords . i dont know for sure, im new to networking and the such, but either way i need to recover those passwords or change them. any suggestions? thnx for the help

    runnin windows xp professional sp2 i do believe

  2. #2
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.

    http://ophcrack.sourceforge.net/

    Cheers:
    DjM

  3. #3
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Are you able to log into any of the accounts? Most of those password crackers cannot be ran on a 'guest' or other type of limited account. Have you tried administrator in safemode? I have actually worked on a laptop that would not let me log in as administrator when booted in normal mode, but when I booted to safemode, it let me log in as administrator without a password... weird?? It seems like I had heard about a boot cd that would let you change windows passwords, but I have never seen it in action. If worst comes to worst, you could boot off of a live linux cd [ubuntu, knoppix etc] and at least back up your files for a reformat... though that is usually a dreaded last resort. Best of luck to you!

    Westin
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  4. #4
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Westin, Ophcrack is a LiveCD you boot from it and let it do its thing. It doesn't require an account to work.

    Checkout a screenshot: http://sourceforge.net/project/scree...599&ssid=82447

    Cheers:
    Last edited by DjM; July 11th, 2008 at 04:17 PM.
    DjM

  5. #5
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    238
    thnx for the help.

    it was weird because i couldnt get into any of the accounts, not even in safe mode. the admin account some how got pass protected. but heres the kicker, i did a last known config and im able to log in again . so now im tryin to figure out y. prior to this there was an incident where comodo ran a scan and picked up a threat. i deleted it, thought it was nothin. ill have to check comodos logs and get back to u on that

  6. #6
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    238
    well it turns out that the threat comodo detected was dreampack, but its where that concerns me, in the sfcfiles.dll. i know the nature of dreampack being its used to, ironically enuff, crack passwords. its weird becuase, like i said, once i removed it passwords were somehow generated, it wasnt untill i restored it, that was able to log back in. now i wanna think that it was just a false positive on comodos end, but then id have to run it on my personal pc to know for sure

  7. #7
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Quote Originally Posted by DjM
    Westin, Ophcrack is a LiveCD you boot from it and let it do its thing. It doesn't require an account to work.

    Checkout a screenshot: http://sourceforge.net/project/scree...599&ssid=82447

    Cheers:
    heh, you can tell I did a lot of research before I posted that

    Thanks for the Info DjM...
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  8. #8
    Senior Member
    Join Date
    Aug 2001
    Location
    Calgary, AB Canada
    Posts
    140
    I've used Ophcrack before, it's a really neat tool.

    However I'm also a huge fan of BartPE. While Ophcrack is easier to setup and use, BartPE can be very powerful.

    It's a boot CD that boots into it's own little Windows environment. There is a plugin by Sala that can reset your administrator password, elevate an existing user account to an administrator level, etc. This sala tool is a little odd, the interface isn't the most intuitive... However I've used it to gain access to my test Windows 2003 server when my partner locked us out by accident.

    You can get BartPE here:

    http://www.nu2.nu/pebuilder/

    You can get the Sala Password Renew plugin tool here:

    http://www.kood.org/windows-password-renew/

    I'm at work right now so I can't write much of a tutorial. But basically when you download BartPE and run BartPE.

    This is what I did:
    Installed BartPE to:
    c:\pebuilder3110a

    Extracted the Sala password renew tool to:
    c:\pebuilder3110a\plugin\sala

    Then I ran:
    c:\pebuilder1330a\pebuilder.exe

    When the window pops up, you have some fields which have little explanations beside them.

    Source: Point this to the Windows Installation files. (Your windows XP cd for example.)

    Custom: You can add a file or directory that you want included with the image. I put my entire McAfee thing here. What it does it put the directory on the 'root' part of the cd image it creates. You likely don't need to touch this for a simple image.

    Output: I called it 'BartPE.' It creates an ISO image file.


    Media Output:
    I created an ISO, but you can burn right to a CD if you'd like. I used another CD burning tool so I can't say if the PEBuilder one is any good.


    Then boot the computer off this CD. Once it's up, click on 'Go --> Programs --> Password Renew'

    The interface for the Password Renew utility is terrible...

    At the bottom you'll see Select a Target. Click this and point it to C:\WINDOWS. You're basically telling Password Renew where your windows directory is so it can find the SAM file.

    Now on the left you can "Select a Task". Either renew existing password, create new administrator user, etc. Click one of these and enter the required information. To 'Apply' the change, look to the upper left area under 'Select a action' You have to click 'Install' to 'apply' the change.

    Yes, it's terrible.

    Reboot, (take the cd out ) and you should be golden!

    Little more prep work than Ophcrack for sure, but it's very fast and powerful once you get it setup.


    ----

    Now, I know you were able to log back in, which is great! But this is for future reference to you and other people who might come across this thread. I would be a little concerned if passwords suddenly showed up on my system too. I'm not sure how it would have happened in your case.


    Dave
    Alcohol & calculus don't mix. Never drink & derive.

  9. #9
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    I could have used one of these tools LONG ago!!!

    Thanks for the info I will check them out.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  10. #10
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    238
    hey thanks for the help. i uninstalled comodo and all is well. got the updated zone alarm. its all good to go

Similar Threads

  1. Windows Error Messages
    By cheyenne1212 in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: February 1st, 2012, 02:51 PM
  2. Secure Passwords Tutorial
    By NeonWizard in forum The Security Tutorials Forum
    Replies: 5
    Last Post: August 13th, 2004, 07:54 PM
  3. Windows XP Tips
    By Nokia in forum Tips and Tricks
    Replies: 4
    Last Post: June 18th, 2004, 05:24 PM
  4. Good Password: Common Practices
    By jdenny in forum The Security Tutorials Forum
    Replies: 7
    Last Post: August 30th, 2002, 05:34 PM
  5. Securing Your Windows PC
    By E5C4P3 in forum The Security Tutorials Forum
    Replies: 10
    Last Post: June 12th, 2002, 05:54 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •