XP Logon

Someone got onto my computer and obviously changed some things. At the logon screen, it won't take my password which I usually just hit cancel and log on. Is there a way to bypass this logon screen to get into windows xp.

Yes actually there are several ways to bypass the correct login. But I'm sorry, I am not going to tell you them.

The reason is that I don't know you. This was your first post and you are asking me (or anyone) to help you crack a computer I have no way of knowing that belongs to you.

AO is primarily a security site. We help people secure their computers against crackers and not help crackers to get into them. Now I am not saying that you are such a person. I don't know. And, there is no way you can convince me -- on the internet-- that you are the owner and have the right to bypass the login of that machine.

What I will suggest, is that you take your computer to a repratable computer shop, and they can get you into it very easily. Probably at very little charge. There are also several cracker sites on the internet, whom would be happy to help you out. This is just not one of them.

Hint = google search can provide you the answer you seek.

being a cracker or not, I think I will explain a few ways to setup passwords on XP.

First and easiest: Open the "user accounts" program from the control panel and click the user who you want to add a password to. Then click "create a password" at this time you can add a password and a password hint, then select if you want to make your files private or not (admin only I think). Now anyone who wants to use that profile should, but it is windows, need to enter a password. At this time you can also "change the way users log on or off" and disable the welcome screen and fast user switching. With the welcome screen disabled you will (should) get a window at boot for a username and password.

Second way: Open a run box and type "control userpasswords2". You can use this window to add passwords to accounts, and most importantly create a password for the administrator account (if not change the name and group of said profile, but i've had mild success). For a little more security (at least microsoft says so, i highly doubt this really matters outside of trojans) select the advanced tab and check the box next to "Require users to press Ctrl+Alt+Delete"

Yay, you have now learned how to setup passwords. Any hacker worth his workstation, be it white or black hat, can take this information, look around, and find the answer to your question.

BTW: I think I got this info from Windows XP security by microsoft press.

OH DEAR :eek:

1. Login as Administrator and change the password (see post above)

2. I think you mean "enter" not "cancel"...............if you cancel............it aborts............it is XP you are running? Actually, my version has the cancel button greyed out? This tells me that you were running a user account with a blank password...........as you have now discovered, that is NOT a good idea.

3. Now comes the worst bit..................your machine has been owned by a malicious party, you have no idea of what has been put on it during that period..............the only safe thing is to save anything important, reformat the HDD, then reinstall XP, then apply all the Service packs and patches, then harden the system.............several useful tutorials on this site on how to do that.

Use secure passwords, write them down, and keep them in a safe place..............remember, for day to day use it is not a good idea to be logged on with Administrator rights.

Good luck

Hints:

1. Get the free Microsoft Security Update CD and run it.
2. Install a firewall BEFORE you go on the net for updates

Hey Hey,

I was going to disregard this thread, however I figured I'd make a little comment. I'm glad that nihil caught the fact that there is no cancel, however I don't come to the same conclusion as he does.

Quote:

---

Originally posted here by sirmills
Someone got onto my computer and obviously changed some things. At the logon screen, it won't take my password which I usually just hit cancel and log on. Is there a way to bypass this logon screen to get into windows xp.

---

To be greated by the "classic" logon screen in Windows XP, you have to change a few things, otherwise you get the big GUI splashscreen/logon. Somehow if this person is running without a password, I doubt they'd have the intelligence to know how to change it from the default splashscreen. Which means that all they would do is click on a little Icon with their name if they had no password and it would log them in, if they had a password, a text box would appear and they would type it in and click "ok" or press enter. Again no cancel anywhere to be seen. The cancel to log in is, of course, a Windows 9X thing. Since this person is knew, with a single post under their belt, and asking a question like this... I've formed my own hypothesis. They only have experience with Windows 9x and suddenly at school they got these new XP machines. Now they want to be able to access them without permission and are trying to social engineer us into giving them info on how to beat/obtain the password.

Here's my suggestion to you sirmills: Stop being a script kiddie and grow up. If this is a legit request, I suggest you look into ERD Commander from www.winternals.com. It's pricy, but it's definately worth the money.

Peace,
HT

just boot from floppy and rename the SAM file, it can be found in the windows\system32\config folder....

b.t.w. if you did a search for this problem on this site, you would have found lots of solutions...

for instance my tutorial :)

there is -=NO WAY=- to bypass the XP logon screen to use the windows gui. it takes someone with administrator privilages or yourself if you has been given permission, to change the password. someone who cracked into your machine would have to obtain admin/system privilages to do this...tell the administrator because there is allot more to worry about than your stupid password if thats the case. otherwise whats on your girlfriends, classmates, brothers or sisters computer is none of your dammed concern.

or its possibe you've been an ******* and had your account disabled and you wish to continue to be an *******. if thats the case their are ways to create an account on the computer if yours has been disabled or reset the password if you actually had an account or were using someone else's and it was deliberatly changed to keep you out but there is no fix for being an *******.

You know there if your password was blank and it was your computer, then more than likley the administrator password is blank too.......
if you have the normal xp home logon page ( the one with all the pretty icons....)
Press control-alt-delete twice and it will bring you to a standard logon screen where it will ask you to type in a username and password, try administrator with no password.......

Quote:

---

Originally posted here by linuxcomando
You know there if your password was blank and it was your computer, then more than likley the administrator password is blank too.......
if you have the normal xp home logon page ( the one with all the pretty icons....)
Press control-alt-delete twice and it will bring you to a standard logon screen where it will ask you to type in a username and password, try administrator with no password.......

---

Yeah, that's good advice because my friend had something similiar to it happen to his XP machine and he did that. If I may add to Nihil's "List of Hint's":

1. Create a safe, hard to crack password.
2. Include mixed character's (e.g: jl3h5kk3) to make it more difficult to crack or have guessed.
3. Be inventive: if you got a mom named sally and she's pregnant at 41 yrs with two kids already or something like that make it something to that nature such as (momsall4121mo). Now what I said was momsally41yearsold2kids1more just shortened and better :D let's see someone crack those when you make it inventive.
4. Remember it, by all mean's. Make it something you remember. Write it down and say it 100 times and get it caught in your brain. I remember all my passwords in my head (thankfully) despite them being hard because I studied them. If you can't remember them, keep them in an EXTREMELY safe place. Pretend it's money for god sake's.

Hope I helped :D

=+=+=+=+==+=+=+
nerds
Ya know, I had what I thought was a simple problem and asked if any of you geeks had a solution. None of you did. All that nerdiness. Is it really worth the lack of pussy to sit and post this **** all day? I thought you people only existed on T.V. Thanks for nothin'.
+=+=+=+=+=+=+=+=

wow im touched! thank you! but as for the lack of p????.....well i got you, cause thats what im calling your ass.

:)
Now that's social engineering....LOL

Quote:

---

=+=+=+=+==+=+=+
nerds
Ya know, I had what I thought was a simple problem and asked if any of you geeks had a solution. None of you did. All that nerdiness. Is it really worth the lack of pussy to sit and post this **** all day? I thought you people only existed on T.V. Thanks for nothin'.
+=+=+=+=+=+=+=+=

---

Did that post get deleted or something?

we do exist only on TV according to your description. In real life I'm actually good lookin, got a girlfriend, a job, own my own business, your box and your mom...
{check my profile}

sucks for you pencildick :fu: that you are not smart enough to do something yourself, instead you have to ask us for help....we have the solution, but we dont want to give it you.../cry more n00b.

You're retarded, and thats sad :sadwin: :flip:

Any more questions?


On a serious note, check this site, it will give you more indepth look into hacking:Altavista Cracking Group

What the Ctl-Alt-Del does is pauses most of the processes... This is effective against trojans, keyloggers, whatever...


EDIT: Cybr1d, that wasn't very nice... ;) Damn newbs.

nah! it was a pm. it was worded (i thought) like everyone got one. if it was just me i will feel special. but praise like this was meant to be shared. i mean "I thought you people only existed on T.V. " ...you just dont hear that everyday. know what i mean.

I only exist in front of the TV....

Damn, I never get the good pm's

Hmmmmm,

Quote:

---

Ya know, I had what I thought was a simple problem and asked if any of you geeks had a solution.

---

Seems to me he protests too loudly. His question WAS answered, he just didn't ask the truthful one, and even geeks dont like to be lied to and treated as mentally subnormal?

He did say "HIS" logon/password, so the Administrator ones must still be intact? Take you all of 60 seconds to fix that situation?

He also admitted to using a blank password in XP, and stated that his account had been compromised..................he was advised on correct procedures in both instances?

And nobody even negged him!

He is obviously far more familiar with 9x/ME than NT/XP, and confuses the two, but I do not find that to be prima facie evidence of malintent.

Maybe he just hasn't been paying attention............I remember on one site when we went from Win3.11 to NT4.0 there were memos, e-mails, screen pop-ups telling people that their user name would be the same but their first NT logon would have a password of "mypassword" that would work once, and they would have to change it as soon as they got on the system (or they would get no further)..........................still got about 20 people ringing in saying "my password doesn't work anymore"

Maybe they had spent too long in front of the TV :D

I think that everyone was very tolerant and helpful, given what I think he was really asking :)


Tedob1................what aftershave do you use?............. that's the only reason I think for you being the only one to get a PM.

Cheers

I use Old Spice Avalanche....what can I get for that? :D

Quote:

---

I use Old Spice Avalanche....what can I get for that?

---

Probably followed by a pack of your neighbourhood dogs?

:D

===========================================
Look, maybe we got off on the wrong foot. Or maybe I just don't get you people very well. I am not a hacker. I am just someone who doesn't like to sit back and take what is handed to me. The actual situation was, I am a teacher and while I was out, someone set up a password on xp pro where there was none before. The computer dude says it was probably a student, who we all know are smarter than any nerd ever born, and the only solution is to format and lose all my files. He maybe the computer expert but I can't accept his answer. I tried to reinstall xp but it asks me for xp pro service pack 1. I got my hands on that but have not tried using it because I'm sure its going to ask for the password before I reinstall.
==================================================================


I FEEL SPECIAL :D , My Old Spice its doing its tricks....wish it would attract some women now.

:)
I've browsed thru my XP Pro bestseller edition from Que books by R Cowart & B Knittel:
If you have no way of recovering the password, things are pretty grim, but you do have some alternatives. If you need to retrieve some files, you can remove the hard drive and install it in another Windows XP or 2000 computer as a secondary drive. Boot it up, log on as Administrator, and browse into the drive.

The best way of preventing these disasters is to create a password recovery disk and then store it in a safe place. The recovery disk will work, even after you have changed the password from previous passwords, so there is no need to make a new one everytime you change the password.

"Locksmith" from Sysinternals.com and Winternals.com are able to replace passwords as well.
Once again you'd have to target the drive from another box. But there are no guarantees.

Hope that helps

"it won't take my password which I usually just hit cancel and log on."


hes not looking for a way to reset his password or telling us he forgot it. he wants to bypass the the logon completely...'like he did before'

Quote:

---

I am a teacher and while I was out, someone set up a password on xp pro where there was none before.

---

And I hope that has taught you a lesson in security old chap :D

Quote:

---

set up a password on xp pro where there was none before. The computer dude says it was probably a student, who we all know are smarter than any nerd

---

Why is it my "lying frigger detector" is registering full scale deflection? Could it be that you have to set up an admin password to load XP? and with that password, you can change any other password..................."computer dude"..............didn't he set up an admin pass?..create a recovery disk?

Hot damn! people that stupid do not deserve paid employment? and anything that "the teacher" lost will be a benefit to society?

Sorry folks, I have lost patience with this one

:mad:

EDIT: In case any of you missed it:

Quote:

---

I tried to reinstall xp but it asks me for xp pro service pack 1. I got my hands on that but have not tried using it because I'm sure its going to ask for the password before I reinstall.

---

So what is the "computer dude" there for?........to fetch coffee & donuts? Also, doesn't the lying little toad know about "format disk?"

I don't blame ya....how many teachers do you know that use the word "the computer dude" to refer to their IT department? Dealing with school kids is their main priority....so setting up secure computers is a must for any school IT department. I'm sure if this "teacher" would ask the tech dep. for help...he wouldn't even be here. Also, the words that came out of his mouth are not even close to something a teacher would say.

What a joke, waste of bandwidth and space....


I hate doing this but....the best way for people like you to bypass the admin password is to take 2 paperclips, unplug the monitor,straighten the paperclips and insert them into the power outlet. It will reset the computer.

:)
Hi Tedob1,

I'm referencing the last "pm" that Cybr1d posted:

Quote:

---

The actual situation was, I am a teacher and while I was out, someone set up a password on xp pro where there was none before.

---

I assume that whoever added the password did so with admin rights, provided the teacher was logged on as Admin, leaving the box unattended, and later returning to discover that he/she's been locked out by virtue of the password. The initial post that started the thread sets up a different scenario, which is merely a configuration issue, hence the content of subsequent replies and possibly the trigger of the first "pm", clearly flavoured with the thread-starters frustration.

If I have mis-interpreted the thread, I stand corrected...

I stand corrected...

If I am totally paranoid, please tell me:

Quote:

---

I tried to reinstall xp but it asks me for xp pro service pack 1. I got my hands on that but have not tried using it because I'm sure its going to ask for the password before I reinstall.

---

I wish I had his copy of XP.......it must be clairvoyant............it knows of the future, and the release of SP1?....OR IT WOULD HAVE HAD SP1 WITH IT????????????????????????and then our "teacher" would not have had to "got my hands on it" would he now?

And if you were the "IT dude" in a school or college, what would you do if one of your customers (a member of the academic staff) came to you with this problem............tell THEM to re-install XP?

All I can say is that if you want to balance your ap's, this is a very deserving case IMO.

;)

EDIT: Cyber1d, have you heard of an organisation called the ASPCPC?.............the American Society for the Prevention of Cruelty to Paper Clips...........I am given to understand that it is funded by the sales of Microsoft Office?

As I have said in the first post in this thread:

Quote:

---

Originally posted here by moxnix

The reason is that I don't know you. This was your first post and you are asking me (or anyone) to help you crack a computer I have no way of knowing that belongs to you.

AO is primarily a security site. We help people secure their computers against crackers and not help crackers to get into them. Now I am not saying that you are such a person. I don't know. And, there is no way you can convince me -- on the internet-- that you are the owner and have the right to bypass the login of that machine.

---

A simplistic social engineering ply, that shows more of its true colors in his subsequent posts and PM's.

He was given at least 2 different methods of by passing his login problem in this thread, but they are not what he wanted, or he can't use them, because he doesn't own the computer.

If his 'computer dude'(cute teacher language) doesn't have a clue and says to reformat, than I sure wouldn't hire him to have anything to do with any computer I controlled.

And any teacher that leaves important files on a nonsecure computer shouldn't be teaching either, and some one should notify the superintendent of his school district.

"I wish I had his copy of XP.......it must be clairvoyant............it knows of the future, and the release of SP1?....OR IT WOULD HAVE HAD SP1 WITH IT????????????????????????and then our "teacher" would not have had to "got my hands on it" would he now?"

ROFLMAO you are a trip. i so totally missed that nihil

Whoa I gotta put in my two cents worth, if ANYBODY aked me what this guy did and told me the "computer dude" said to reload I would politly but firmly show the person (child) to the door

what IT pro ++ he should be if he works at a school, I know I was a student with bad manners++ would tell an instuctor to reload, **** he would confiscate the box and start the research on who actualy owns the box and what back doors, trojans, viri, whatever are there.

fess up youngster you are busted

The kid's like 15 give him a break...sux for him that us "nerds" are smarter than him. He put 1965 As his birth year...for a 39 years old, going over the hill, he sure sounds like a 15 year old who's DYING to get into his teacher's computer and with hopes to change his grades....It is the end of the spring semester is it not?

Listen kid...next time you plan to do something stupid, send me a PM ....chances are i've already done it before you. Its one thing to try to social engineer, and its another thing to try to social engineer professionals at the field and take us for idiots.

I've social engineed myself into getting laid kid...don't even try that **** on me. I think its past your bed time. He put "mamma's Boy" as his occupation...how lame. If you had put "Elementary School Teacher"...perhaps we would have given you the benefit of a doubt....Nah, not even that.

:)
sirmills,
any comments in defense of your situation...?

Hey Hey,

I wanted to say something clever and witty here, but all I could do is laugh. He's right about one thing.. I don't have any p***y right now, it's sleeping about 3 feet away from me. Maybe I'll go get me some just to prove him wrong... I'd love to flame this, but I've promised not to and it's rather old now...

I'm kinda curious now. Those of you that work for organizations and businesses. How many of you have some sort of password recovery software laying around? We have ERD Commander 2003 and the Linux bootdisk NT Password Cracker. Hell I even made a bootable XP CD that contains locksmith (Password Util from ERD) using BartPE. It's not overly difficult. So how many of you actually have some sort of software? I'd find it hard to believe that a schoolboard wouldn't fork out a couple hundred bucks (or the cost of a floppy/cd for the linux one) for software in case something like this actually happened.

While I'm posting, don't most schools usually run on domains? My College is on a domain, my HS is on a domain, and my former elementary school is now on a domain (that was too long ago for them to know what a domain was). Anyways... if the "IT dude" is that useless wouldn't you call one of the board guys to come down and fix the problem? They could just log in as a domain admin and fix the problems.

Just my 2 cents....


Peace,
HT

the kid is definitly giving it a heck of a try, albiet completly uneducated. im going to give him an 'A' for effort:

Ahhhhhhhhhhh!

now ill go neg'em!


ahh HT! ive got a linux disk for changing passwords but i never have to use it. in my world the admin sets the local admin password then sets up an account for the user.

the only time ive every had to crack passwords was for office files (access/excell) when people leave.

Yea your right I gots lots O password recovery stuff
As many vendors as we work with it isn't hard to talk a tech into letting you get into there dbase and pull some stuff out, or better yet just have him e-mail it :)

How many remember how to recover a cisco 1600 password ???? it's not that hard, but you do have to compleatly reset everything

Quote:

---

Originally posted here by oldguy

How many remember how to recover a cisco 1600 password ???? it's not that hard, but you do have to compleatly reset everything

---

Hey Hey,

Since we cover that in class (all the time.. it's amazing how many students get their jolies from changing passwords), here's a handy reference site that I keep in my bookmarks.
http://www.cisco.com/warp/public/474/

Quote:

---

ahh HT! ive got a linux disk for changing passwords but i never have to use it. in my world the admin sets the local admin password then sets up an account for the user.

---

That linux disk is great, we use it all the time because we rent out laptops and the students have full admin access (at the end of the semester we ghost them and issue them to new students). anyways.... It's great when the admin can do that, however I know at least a dozen teachers at my HS that had the local admin password, and only one of them was supposed to. Quite frequently they'd log me in and then walk away and leave me to fix the problems. So problems can arise, even without the IT people knowing about it. As soon as you share the password with a single person.... everyone starts to find out....

Man, I can't wait to get out into the real IT world...

Peace,
HT

:)
arrrgh...not the control/break sequence again.

:deal: remember your banner ads: "Authorized users only"

It is about choices...you know how to, but don't abuse.
Then some folks can't help it....

sirmills...?