TINNY Posted May 18, 2005 Report Posted May 18, 2005 I need help on how to use chntpw (from the Knoppix STD) to reset the WinXP admin password. CAn anyone help? Quote
alexander Posted May 18, 2005 Report Posted May 18, 2005 here is some info on pasword cracking and resetting, so whatever you choose to do is there:http://www.g4tv.com/screensavers/features/664/Dark_Tip_Windows_Password_Hacking.html p.s. you might want to use ntpasswd for this instead of chntpw, but i'll find some more info on the util too... Quote
TINNY Posted May 19, 2005 Author Report Posted May 19, 2005 alex, that site is blocked by the server, same as with all other sites that has to do with windows hacking. anyway, the problem when i use chntpw is that the error 'bad file descriptor' when i give the folllowing command: chntpw -u Administrator sam Quote
TINNY Posted May 19, 2005 Author Report Posted May 19, 2005 can anyone help decrypt this SAM file? Quote
alexander Posted May 19, 2005 Report Posted May 19, 2005 umm, ok, a few things there tinny...ok, one, why do you want to get the admin password? you can just reset it, I doubt you use windows EFS for anything, pretty much nobody does, so you are better off with resetting the password via hash insertion. Two, you'd have to check with the DMCA, but I'm pretty sure that decrypting someone elses (and maybe your) SAM file is sort of agains the law. And finally, if you have the file, the only util (that i know) to cark the windows hash file is loftcrack, i think only available for windows, oh and it takes a long while... so... Quote
TINNY Posted May 20, 2005 Author Report Posted May 20, 2005 DMCA is Digital Millennium Copyright Act. It's all about copyright law. Decrypting SAM files has nothing to do with copyright. Hmm, so it's loftcrack eh? I'll check it out. Thanks. You're ever so resourceful. Anyway,you can just reset it, I doubt you use windows EFS for anything, pretty much nobody does, so you are better off with resetting the password via hash insertionhow do you reset the password via hash insertion? I thought it wasn't possible to reset it if it is encrypted on winxp. Quote
Buffy Posted May 20, 2005 Report Posted May 20, 2005 DMCA is Digital Millennium Copyright Act. It's all about copyright law. Decrypting SAM files has nothing to do with copyright.Actually no, the DCMA specifically prohibits defeating *any* encryption mechanism, whether its being used to protect a copyright or not... Thanks Mr. Ashcroft! Cheers,Buffy Quote
TINNY Posted May 20, 2005 Author Report Posted May 20, 2005 Actually no, the DCMA specifically prohibits defeating *any* encryption mechanism, whether its being used to protect a copyright or not... Thanks Mr. Ashcroft!well, that would really stall the development of stronger encryption...I don't understand. Why would defeating encryption mechanism be prohibited? Why not just say that any act of obtaining private information be prohibited? Quote
Buffy Posted May 20, 2005 Report Posted May 20, 2005 well, that would really stall the development of stronger encryption...I don't understand. Why would defeating encryption mechanism be prohibited? Why not just say that any act of obtaining private information be prohibited?To increase the power of the law enforcement authorities. All you have to do is show someone was trying to break something using a method that *might* be used nefariously, and it prevents it from falling into the wrong hands, even if the person breaking the encryption had only altruistic motives. There was a guy who broke the encryption that Adobe built into PDF format about a year ago, even though he wasn't stealing anything, just proving that they encryption mechanism was weak and should be improved. Adobe finally figured out that the bad PR was not worth it and decided not to press charges so the Feds had to back off. Cheers,Buffy Quote
alexander Posted May 21, 2005 Report Posted May 21, 2005 DMCA is Digital Millennium Copyright Act. It's all about copyright law. Decrypting SAM files has nothing to do with copyright.the DCMA specifically prohibits defeating *any* encryption mechanism, whether its being used to protect a copyright or notI love you Buffy, you are so resourceful and handy :note:P.S. tinny, I would not have specified DMCA unless i was pretty sure that there really was something in there prohibiting decryption, and possibly specifically dealt with password hashes, I do know what DMCA is, and at one point even started reading it, with no success, i had better things to do...anyways, its lophtcrack, also spelled l0phtcrack, its not free and the new ones dont have trial, and i was only able to find version 2 (trial) on torrentsearch (try searching for LC2)anyways, you can also convert that SAM to a unix password file and run it through john... both ways are pretty slow and i think you'd be better off with juyst replacing the hash... Quote
TINNY Posted May 21, 2005 Author Report Posted May 21, 2005 i dont understand wat u mean by hash Quote
alexander Posted May 23, 2005 Report Posted May 23, 2005 hmm, let me try and explain, you see Tinny, a hash is a jumble, when you hash something you chop it into pieces and in CS hash refers to hash tables, which are an assocoative array that associates keys with values, and that is basically why it is a favorite way, for microsoft, to store their passwords. The technique of inserting new passwords for already existing accounts in microsoft is called hash insertion, and can be done from within knoppix std via ntpasswd, and most people who need access to their accounts and dont remember their passwords will do just the hash insertion, because they dont use EFS (microsofts encrypted file system). The only reason to actually decrypt a sam file would be only to gain access to the EFS-"protected" files, but to a normal user, just resetting their password should be more than sufficient... Quote
TINNY Posted May 25, 2005 Author Report Posted May 25, 2005 i don't think my knoppix std has ntpasswd. would it be possible for you to attach the program and PM to me? I can't open certain sites, especially sites on windows hacking coz it's blocked by the admin at my computer lab.Thanks.. Quote
C1ay Posted May 25, 2005 Report Posted May 25, 2005 i don't think my knoppix std has ntpasswd. You can download a floppy image here. Look at the bottom of the page for the download and instructions. HTH, Quote
TINNY Posted May 26, 2005 Author Report Posted May 26, 2005 c1ay, that site is also blocked. I cannot access it. It'd be good if you could PM it or email the file. Quote
C1ay Posted May 26, 2005 Report Posted May 26, 2005 c1ay, that site is also blocked. I cannot access it. It'd be good if you could PM it or email the file.Can you get to the site through a free proxy like Anonymouse? Try this link. There are more anonymizers here you could try as well. Just go to the proxy and put in the address to redirect to. The address you want is http://home.eunet.no/~pnordahl/ntpasswd/ The site has the instructions, different images, release notes and other info that could be useful. It would be hard to reproduce all of it to PM you. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.