forgotten Admin password recovery

A simple way to reset the password on a Windows NT machine is the "Offline NT Password & Registry Editor, Bootdisk" You can use your favorite search engine to find this tool.

Quote:

---

Originally posted here by fiend
Other than the above, the only other obvious answer is brute force... Such as lophts software or brutus...

---

I need to get a the admin password for a win2k machine and resetting it isn't an option so the brute force is in fact my only real option. I have gotten the sam but L0phtcrack will not audit it because it is SYSKEY encrypted. I have learned that the only way to audit a sam encrypted with syskey via l0pht is by being logged in as Administrator or as a user with admin privileges but for me this is not an option. Does anyone have a way to brute force a sam that is encrypted using syskey?

Quote:

---

Originally posted here by Tyax


I need to get a the admin password for a win2k machine and resetting it isn't an option so the brute force is in fact my only real option. I have gotten the sam but L0phtcrack will not audit it because it is SYSKEY encrypted. I have learned that the only way to audit a sam encrypted with syskey via l0pht is by being logged in as Administrator or as a user with admin privileges but for me this is not an option. Does anyone have a way to brute force a sam that is encrypted using syskey?

---

With the level of encryption that is used to encrypt the sam you would need quit a bit of computing power. The NSA might be able to do it for you. But I would venture to guess that they would not want to help someone gain admin access on a machine that they shouldn't have it on anyways. I'm making that assumption based on the fact that you cannot change the password, ie., then they(the real admins) would know that somebody changed it and change it again.

Ratman2... you got it to work with XP Pro then? One more reason why physical security is just as important...