RE: restore Administrator password

["Maher Odeh" <rax () netvision net il>]

Hi
I wouldn't suggest deleting the SAM file, indeed it was possible perior
to SP2 and it didn't cause any problem, 
Last time I deleted the SAM to restore a password my machine crashed and
I couldn't get beyond the logon window
As I got the blue screen of death with many error dumps regarding the
SAM file missing ...

I would suggest / recommend ERD software , a very good software included
in the Winternals Adminstrator's pack 
Using this software you can create a bootable CD to recover everything
you want, the bootable CD looks excatly like WindowsXP
There's a utility there called password smith , this utility will help
you to CHANGE your users passwords and your own password 
Instead of deleteing the SAM file and get in troubles :-)

//Maher
 

-----Original Message-----
From: Huddleston, James E SPC, S-2 [mailto:james.huddleston () us army mil]

Sent: Monday, April 19, 2004 9:56 PM
To: 'security-basics () securityfocus com'
Subject: restore Administrator password

Depending on the size of your company, you could have them purchase a
program called NTFSPro, it allows you to boot to dos and mount the NTFS
partition, then you just have to delete the sam file, it will reset the
admin password to blank, but it deletes all other accounts as well.  If
you write a script to run at bootup you can have it create a new account
with admin rights, then instead of deleting the sam file, just rename
it, after you create the script, re-rename the sam file back and login
with the newly created administrative account.

Huddleston, James E.

-----Original Message-----
From: ZEN
To: sec; security-basics () securityfocus com
Sent: 4/18/2004 11:47 AM
Subject: Re: restore Administrator password

umm.....if u use something of a pasword cracker...and the admin guy used
a decent password of about 8 characters or so that are not directly out
of a dictionary....u could get stuck for along long time cracking the
password.
Go along with the bd040116/cd040116 file i mentioned in an earlier mail
to do it for you.
    Heres another way i found you could do it(i fiddle a lot with system
files). Goto your system32 directory and create a backup of logon.scr
and then delete it!!!
    now rename cmd.exe(make a backup of this also) as logon.scr.
    Now logoff your computer and leave it on for abt 20 mins(patience
it'll happen).Now instead of running the screensaver your OS will run an
unprtected command prompt where you can use the command : "net user
<name of admin a/c> <new password>" (Note you do not need the old
password to change
it!!!!)
    This will not work while your logged on as another user as it will
return an error saying that you do not have sufficient right. But before
logging in there are no restrictions created ;-)
    It works in XP which is just a build up on Win2000/NT so it should
work in your system.
Best of luck cracking the password.

-ZEN
----- Original Message -----
From: "sec" <sec () moomia com>
To: <security-basics () securityfocus com>
Sent: Saturday, April 17, 2004 2:35 AM
Subject: Re: restore Administrator password


> What you need is a knopix CD from knoppix.org and get something like
lophtcack or caine
> and able and you will be able to crack the password.
> Depending on the password strength this could be done in a couple of
seconds or some minutes.
> good luck
>
>
> ---------- Original Message -----------
> From:
> To:
> Sent:
> Subject:
>
>
> ------- End of Original Message -------
>
>
> SPAM-PROTECTION KEY: kp1e9z8vqqcdmp624tflf5n5
> See http://www.moomia.com/spamcheck.htm
------------------------------------------------------------------------
--
-
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
> any course! All of our class sizes are guaranteed to be 10 students or
less
> to facilitate one-on-one interaction with one of our expert
instructors.
> Attend a course taught by an expert instructor with years of
in-the-field
> pen testing experience in our state of the art hacking lab. Master the
skills
> of an Ethical Hacker to better assess the security of your
organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
--
--
>

------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.

Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----

------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.

Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------