windows xp password cracking
Riddick
Malaysia Icrontian
i have recently just got my hands on a friends laptop which is installed with windows xp and he wants me to retrieve several important files from the harddisk before i format and reinstall. the problem is he forgot is password for his admin login.
i have heard of ways of cracking the password while you are logged in windows, but that just defeats the point doesnt it?
so my question is, is there a way of cracking the password without being able to log in at all? and how?
i have heard of ways of cracking the password while you are logged in windows, but that just defeats the point doesnt it?
so my question is, is there a way of cracking the password without being able to log in at all? and how?
0
This discussion has been closed.
Comments
Buy a laptop HD IDE converter, take the HD out of the laptop and hook it to the converter which you would then plug into a desktop PC.
And unless he had encryption turned on, regardless of file system, you should be able to read his files if you are using a 2000 or XP desktop system.
As for password cracking, I have had some success with using @tstake software's Lopht Crack 4 to crack the file that contains all the passwords for the users of the system. You can only crack it if the file isn't being used. This file is the SAM file located in X:\windows\system32\config. I think I remember another tool that would let you copy the SAM file while in windows so you had access to it. Or you can also copy it via a network share if you can set that up, I think.
I don't think this will get me into any trouble will it.
i have this software called SAMinside which also utilizes this method...
can i actually boot the pc with a boot disk and copy the SAM file into a diskette(i know it will fit.. its around 20kb) because as i said i cannot log into windows to copy the file.
once the SAM file is aquired and the program does the cracking process, will it take long?
http://home.eunet.no/~pnordahl/ntpasswd/
Download the software to make a boot disk. Then follow the instructions on the site.
I won’t be held responsible if it doesn’t work althought I have used it loads of times and not had it fail on me once.
\\EDIT: Actually you could just copy the files he needs to save to external media (USB Drive would be easiest) then no need to log back into XP at all.
security tools distribution
http://www.knoppix-std.org/
Knoppix-STD is a customized distribution of the Knoppix Live Linux CD. Boot to the CD and you have Knoppix-STD.
I have a friend that has used the one you speak of. He highly recommended it too.
John the Ripper ( http://www.openwall.com/john/ ) is good. You'll need to get the hashes out from the sam file (John will read hashes not the original file) using samdump.exe out of the pwdump2 package ( http://razor.bindview.com/tools/desc/pwdump2_readme.html ). Keep in mind this stuff is all command line so hopefully you're comfortable there. Anyway if you want an alternative to l0phtcrack look no further than these.
-drasnor
http://www.short-media.com/forum/showthread.php?t=6590
The program I linked there works very, very well, as it boots in a Linux shell and allows you to edit the SAM files.
Dexter...
Just so ya know, they're legit. Not Office XP Pro, its Office XP for Students. He bought them on campus down here (FL) and lost the CDs. Sucks to be him. *lol*
Took 15 min to make the disc, 30 min to read the instructions, and 1 min to remover the password.
try this
http://www.trinityhome.org/trk/index.shtml
The other choice is to copy everything over and reformat. The prob is that given MS bs some progs may not like to run after the copy over.
Windows XP, which has been marketed by Microsoft as "the most secure version ever," has been found to have a flaw so bone-headed that it renders passwords ineffective as a means of keeping people out of your PC.
Reader Tony DeMartino alerted me to the problem, which all administrators
of Windows XP machines should immediately take to heart:
Anyone with a Windows 2000 CD can boot up a Windows XP box and start the Windows 2000 Recovery Console, a troubleshooting program.
Windows XP then allows the visitor to operate as Administrator without a password, even if the Administrator account has a strong password.
The visitor can also operate in any of the other user accounts that may be present on the XP machine, even if those accounts have passwords.
Unbelievably, the visitor can copy files from the hard disk to a floppy disk or other removable media - something even an Administrator is normally prevented from doing when using the Recovery Console.
But don't tell anyone I told you this
Second, you didn't even READ the whole thing. Post 13 in this thread says the exact same thing
You were picking the "cracking" rule to bitch about here. I was clarifying why this possibly didn't get "warned", and giving you an example of what is likely meant by the cracking rule. Perhaps it would be clearer if you read the word "you" in my post as "someone".
Edit-
and whether or not prime warned him doesn't really matter. It's an administrative decision.
They're not cracking software. Cracking software is using a program to get around not having a cd/cd-key/etc. Cracking software is done to use programs that you don't own. They're trying to get a friend who forgot his password into his system. There is a difference. Perhaps there are degrees of "cracking"...not just "cracking" and "not cracking".
edit -
Anyone else notice this thread has 15k views...gogo google searches for windows xp cracking