Getting the Admin password for Windows XP

So we recently had an issue where we needed to run Checkdisk on a XP box and we did not have the administrator password to proceed. This was a good oportunity to try out Ophcrack which we downloaded a few days earlier.

Ophcrack is an open source (GPL licensed) program that cracks Windows passwords by using LM hashes through rainbow tables. One must have physical access to the machine you wish to get the password from though. You can download a live CD for XP or Vista here

So it was that easy...not quite. The security files for the OS were corrupted and Ophcrack kept on coming up with the "Not Found" message for the NT Password. It seems XP keeps a copy of the security files in a folder called "Repair" on the system. Here are the steps I followed to get Ophcrack to determine the admin password from the backup.

In Ophcrack click "Load->Encrypted SAM file" and navigate to /mnt/sda1/windows/repair

Note:
c:\windows\system32\config\sam (windows main copy)
c:\windows\repair\sam (possible backups in subfolders)

Then click "Crack"

In under five minutes Ophcrack determined the password and we were good to go.

Good stuff.

Comments

Post a Comment

Popular posts from this blog

How to Display Custom Wordpress Header with Google Analytics Site Tage and Adwords Site Tag

This post assumes you know how to create custom page templates in Wordpress using child themes. Locate this line of code in your page template (page.php) get_header(); Download the header.php file from the parent theme folder into your child theme folder Rename the header.php file you downloaded to header-with-analytics.php Change the get_header function in your page template to include the custom header file. In the brackets add the custom header filename like this get_header("with-analytics"); Everything after the header- in the filename is what you place between the brackets. Save and upload the custom header PHP file. Upload your modified page template file (page.php) Now the page template will load your custom header file called header-with-analytics.php Place your Google Analytics Site Tag or Google Adwords Conversion Tracking code in this header-with-analytics.php file as per Googles instructions.
Read more

Complete Uninstall iTunes on Windows 7 Pro 64-Bit

Recently I had an issue with my 64-bit iTunes software on my Windows 7 Professional notebook. iTunes could not be updated to the latest version and I constantly got this error message  "There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor." I tried uninstalling iTunes on my PC and re-installing with the same issue. It seems you need to uninstall a few software components related to iTunes. I did this and re-installed iTunes 64-bit on my Windows 7 Pro notebook successfully. Go to your Control Panel and choose "Uninstall a Program" or search the Control Panel (on the top right) with the term "uninstall" to locate the link Uninstall these software components in this exact order to avoid potential issues (as recommended on the Apple website) iTunes Apple Software Update Apple Mobile Device Support Bonjour Apple Applicati
Read more