Re: Windows XP Pro cracker?

["Larry Offley" <larry () pcgalore com>]

For every other admin password on win2k/winxp/winnt and so on
http://home.eunet.no/~pnordahl/ntpasswd/

I have used this on XP and w2k many times. Also resets locked out accounts
and so forth. Most current build on the site is from April but works great.
Also on the site is a link to a method to reset AD (active directory)
account as well. Best part it's all free.

Larry Offley
PC Galore

----- Original Message ----- 
From: "David" <David () cawdgw net>
To: "Marco Obaid" <marco () muw edu>; <security-basics () securityfocus com>
Sent: Friday, September 05, 2003 7:28 AM
Subject: RE: Windows XP Pro cracker?


> If you were using the tool with build from something like two years ago, I
> don't think your syskey was enabled. The boot disk from two years back
does
> not work on systems w2k and newer with syskey active. syskey on nt4.0 does
> not affect the tool. If someone has a newer build that works with syskey
on
> the newer systems, someone point out the site so I can purchase it.
>
> Weiss
>
> -----Original Message-----
> From: Marco Obaid [mailto:marco () muw edu]
> Sent: Friday, September 05, 2003 12:00 AM
> To: security-basics () securityfocus com
> Subject: RE: Windows XP Pro cracker?
>
>
> Hi,
>
> > If someone tries this on Windows XP or 2000 w/ syskey enabled (which it
is
> > by default), let me know.
>
> I just tried it on my XP Pro (patched up-to-date) and here is my findings:
>
> It works well, but it is best to *blank* the password first and change it
to
> whatever you want *after* you logon to the system.
>
> I created a user called "user" and assigned it a password. Then, using
this
> tool, I changed the password. I could not logon to the system using
"user",
> nor
> was I able to change the password from the Administrator account. So I
used
> the
> tool again and *blanked* the password for user. Then, I was able to logon
as
> usaul. The same thing happend when I used this tool against Administrator.
>
> This is my first time using this tool and I read every note in the docs.
>
> Hope this helps
> Marco
>
> _________________________________________________________________
> This mail is sent through MUW Webmail: http://www.MUW.Edu/webmail
> For the latest MUW Events, visit  http://www.MUW.Edu/calendar
>
> --------------------------------------------------------------------------
-
> Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
> October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
> technical IT security event.  Modeled after the famous Black Hat event in
> Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
> Symantec is the Diamond sponsor.  Early-bird registration ends September
> 6.Visit us: www.blackhat.com
> --------------------------------------------------------------------------
--
> --------------------------------------------------------------------------
-
> Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
> October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
> technical IT security event.  Modeled after the famous Black Hat event in
> Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
> Symantec is the Diamond sponsor.  Early-bird registration ends September
6.Visit us: www.blackhat.com
> --------------------------------------------------------------------------
--
>



---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------