Cracking NT server that became ownerless

**llipschutz** · February 22nd, 2002, 08:47 PM

L0pht has never made anything unstable, as far as I have ever used it. .

**mitymousse** · February 22nd, 2002, 09:44 PM

Gold Eagle-

Most of the SUN enterprise servers are NOT ULTRA's, They are E4500's up to E10000's.
My desktop is an ULTRA SPARC 5 with dual processors and maxed out on ram.

This server was not used for over a year, and reclaimed. It was in fact SQLserver 6.5.

And yes, they are worried about the price of a decent tool...unfortunatly. It was not that way a couple years ago, but then our stock price was in the $90 range and is now in the 6 - 7 dollar range!!!

Can we say "USELESS STOCK OPTIONS"

VanEck -

Thanks I will try it. I am not sure the advice I was getting internally was THAT reliable. Thats why I am here today!!!

FYI, I am prior Air Force too. But I was a Special Operations Combat Photographer and served in the GULF. Nothing to do with computers beyond the satelite gear I had for transmitting digital images.

I will try the above suggestions... Thanks everyone for you help!!!

Go WCOM stock!!!!!

**iNViCTuS** · February 22nd, 2002, 10:12 PM

Well...believe it or not...the admin that locked out these accounts should be responsible for this problem. He has to have an account on the system, and his logon password is technically the companies property since it resides on the companies systems.

I would suggest giving the guy a call and asking him for the password. Also, was this system a part of an NT domain? If so, have you tried using the domain admin accounts?

If all else fails, you can try getting your hands on the SAM database file, and using L0pht crack....Just like the others said...

**dspeidel** · February 22nd, 2002, 11:01 PM

Something to try is no password -m$ supports this even for NT 40 servers. Whe I worked in customer support we had several crash and burn test systems that was the password. I find that to be a somewhat standard password even on more secure systems (scary isn't it)

***gold eagle*** · February 23rd, 2002, 01:30 AM

ok mitymousse, you have a not insurmountable problem. Try what the others said and repost if you don't get anywhere. iNViCTuS is right, the admin could be "convinced" to give up the pwd. Also can you give us some info on its role, member, bdc etc? I am looking for a simple tool I used before that you stick in the floppy, reboot, and it grabs the minisam.
btw- I realize the spot you may be in, having gone through much downsizing myself. I hope your stock comes back too; mine is almost worthless to date. I knew it had to be sql 6.5.

***micael*** · February 23rd, 2002, 01:59 AM

Another thread about recovery tools for NT, it may be of help?
http://www.antionline.com/showthread...hreadid=140568

***s0nIc*** · February 23rd, 2002, 02:51 AM

Hmm this is a long shot.. but try to retrieve the SAM file in the "repair" folder. To do that you need to boot from floppy.. go to www.bootdisk.com to download the boot disk for WinNT4 and boot from floppy. from there u can copy the SAM to a floppy. when u have the sam file, download a program called SAM DUMP.. from there you can retriev local login names and passwords..

Though the sad part in NT is that Admin accounts CAN BE DELETED... but not in Win2k
so yeah.,..

**mitymousse** · February 25th, 2002, 07:57 PM

LLipschutz ... You Da MAn!!! Your suggestion to try:

http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html

Worked !!!! How simple was that!!! That is so easy it is scary!!!

Thanks Everyone!!!

Thread: Cracking NT server that became ownerless

Thread Tools

Display

Posting Permissions