Security Basics mailing list archives

FW: restore Administrator password

From: "Huddleston, James E SPC, S-2" <james.huddleston () us army mil>
Date: Mon, 19 Apr 2004 21:55:52 +0200

Ok, I gave pretty much the same solution so I'll be more through.  
1.  Start by booting into NTFSPro and rename the sam file to sam.bak
2.  Reboot system and login as Administrator with blank password.
3.  Create a .bat file with the following commands:
     net user test test /add
     net localgroup administrators test /add (Local box/Member Server)OR
     net group "Domain Admins" test /add     (Domain Controller)
4.  Add the batch file to the RunOnce Registry Key
5.  Reboot system to NTFSPro again
6.  Rename sam.bak to sam
7.  Reboot system, it will create test username with test password as an
    administrative account.
8.  Re-set password on original admin account.
9.  DELETE TEST ACCT!!!

Hope this helps,

Huddleston, James E.

-----Original Message-----
From: Steven A. Fletcher
To: Andreas Freyvogel; security-basics () securityfocus com
Sent: 4/19/2004 6:02 PM
Subject: RE: restore Administrator password

The only problem with this solution is the fact that you would lose any
file security that you had configured on the server for other users.
Just because you recreate that account with the same name does not mean
they will have the same access as they had before.  Security is based on
the account Security Identifier (SID), not the account name.

Steve Fletcher
Senior Network Engineer, MCSE, Master ASE, CCNA
Integrity Technology Solutions
Phone: (309)664-8129
Toll Free: (888) 764-8100 ext. 129
Fax: (309) 662-6421
sfletcher () integrityts com

-----Original Message-----
From: Andreas Freyvogel [mailto:afreyvogel () ecmarket com] 
Sent: Friday, April 16, 2004 6:35 PM
To: security-basics () securityfocus com
Subject: RE: restore Administrator password

Filip,

If you have physical access to the drive then boot with dos (ntfsdos)
and go
to the %winnt%\system32\config folder. Delete the SAM file and when you
reboot the machine you will have no password for the administrator
account.
Keep in mind that this will delete any other users on the system. You
just
need to recreate them with the same names and they will be fine again.

Good luck.
-Andreas


-----Original Message-----
From: filip.danes () loweworldwide com
[mailto:filip.danes () loweworldwide com]
Sent: Friday, April 16, 2004 7:18 AM
To: security-basics () securityfocus com
Subject: restore Administrator password


Hi
I am very sorry for stupid question but I need help from you. How can I
restore Administrator password in OS Microsoft Windows 2000
Server. This server is not any domain controler. It is installed as
Standalone.
Do you know any procedure how reset password? I have access to the
server
only physical. I can not login there because I do not know Administrator

password (company changed Administrator guy who not told password for
Administrator)
Thank you very much for your answer and help.
Best regards,
Filip

------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.

Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----



------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----




------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.

Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----


------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Re: restore Administrator password, (continued)
- - Re: restore Administrator password Prashant (Apr 19)
- Re: restore Administrator password sec (Apr 16)
  - Re: restore Administrator password ZEN (Apr 19)
    - RE: restore Administrator password Nathan Hall (Apr 19)
  - RE: restore Administrator password JTH (Apr 19)
- Re: restore Administrator password Maskeye (Apr 19)
- RE: restore Administrator password Steven A. Fletcher (Apr 19)
- RE: restore Administrator password Sullivan, Glenn (Apr 19)
- Re: restore Administrator password Paul Wiggins (Apr 19)
- restore Administrator password Huddleston, James E SPC, S-2 (Apr 20)
- FW: restore Administrator password Huddleston, James E SPC, S-2 (Apr 20)
- RE: restore Administrator password Maher Odeh (Apr 24)
- RE: restore Administrator password Psyiode (Apr 27)
  - Recover Yahoo MEssenger password Naren (Apr 28)
    - RE: Recover Yahoo MEssenger password Raoul Armfield (Apr 28)
    - Re: Recover Yahoo MEssenger password Naren (Apr 29)
    - RE: Recover Yahoo MEssenger password Rod Trent (Apr 28)
- RE: restore Administrator password SMiller (Apr 27)