Security Basics mailing list archives
RE: Windows XP Pro cracker?
From: "Sarbjit Singh Gill" <ssgill () gilltechnologies com>
Date: Sun, 7 Sep 2003 13:02:36 +0800
Well said Marc!! Gill -----Original Message----- From: Marc-Andre Poupier [mailto:mapoupier () maximiz com] Sent: Friday, September 05, 2003 9:02 AM To: security-basics () securityfocus com Subject: RE: Windows XP Pro cracker? OK guys this seems to be a pretty active thread Just so we know everybody is on the same page 3 things here reseting password on system with Syskey enabled, AD password recovery and Directory service restore mode password. First when you have a system with syskey enabled there's a flag in the SAM that tell's you the syskey is enabled and when you reset a password with any tools it will create a standard plain old HASH so when you reboot the Winlogon subsystem will convert the password to a syskey encrypted password. Second in Active directory there's 2 password on domain controller one is used when your AD is up and running (your standard admin password) and the second is the Directory service restore mode password this password is used when your AD is OFFLINE so it is NOT store at the same place that your old password (you are prompted to enter this password when you run the dcpromo wizard). So you are in offline mode when you are in the recovery console or in directory service restore and other AD disabled mode. This password may or may not be the same as your standard AD password. So you can use standard tool (such as the boot disk dicussed in this thread) to reset the offline password then you can get access to the machine a reset the ONLINE password by some trick.... For win2k Domain password http://www.jms1.net/nt-unlock.html For every other admin password on win2k/winxp/winnt and so on http://home.eunet.no/~pnordahl/ntpasswd/ If you are un-sure you understand 100% of the explanation in these 2 sites I strongly recommend you to not touch any of this stuff... and deal with some real professional. *NO WARRANTY OF ANY KIND IN THIS MESSAGE* :-D Marc-andre Poupier, MCSE, MCT, CCNA -----Original Message----- From: Ansgar Wiechers [mailto:bugtraq () planetcobalt net] Sent: Thursday, September 04, 2003 6:21 PM To: security-basics () securityfocus com On 2003-09-04 Halverson, Chris wrote:
I mean for the recovery console. Changing the Administrator password does not affect the recovery console administrator password. There is a difference!
No, there isn't. You are wrong. Regards Ansgar Wiechers ------------------------------------------------------------------------ --- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- RE: Windows XP Pro cracker?, (continued)
- RE: Windows XP Pro cracker? George Peek (Sep 04)
- RE: Windows XP Pro cracker? Marco Obaid (Sep 04)
- RE: Windows XP Pro cracker? David (Sep 05)
- Re: Windows XP Pro cracker? Larry Offley (Sep 08)
- RE: Windows XP Pro cracker? Marco Obaid (Sep 04)
- RE: Windows XP Pro cracker? Bob Beck (Sep 04)
- Re: Windows XP Pro cracker? Johan Denoyer (Sep 04)
- RE: Windows XP Pro cracker? George Peek (Sep 04)
- RE: Windows XP Pro cracker? George Peek (Sep 04)
- RE: Windows XP Pro cracker? Marc-Andre Poupier (Sep 04)
- RE: Windows XP Pro cracker? dave hartnell (Sep 08)
- RE: Windows XP Pro cracker? Marc-Andre Poupier (Sep 05)
- RE: Windows XP Pro cracker? Sarbjit Singh Gill (Sep 08)
- RE: Windows XP Pro cracker? Mr Babak Memari (Sep 08)