Password Recovery?

[ZeroCool]

I administer a few computers on my network at work and it seems that everyone forgets their password and think its my problem to recover there data. so i end up having to tell them their data is finished and they have to start over. Is there a way i can Get there lost password (perferred) , clear or set a new password with out any access to the os just the physical computer.

Can i make a bootable disc or CD that can do this for:

>WinXP pro
>WinXP home (i dont know y they run this????)
>Win 2000 (server, advance server)
>NT 4.0 Server
>NT4.0 Workstation?

All NTFS partion's

[siyan]

There are programs to do it. I'm not an expert on this but take a look here:
http://www.technerd.net/pwordrecovery.html

Hehe....silly users.

[siyan]

Just another thought....I believe you can remotely take ownership of any files since you are the admin (either through knowing the local admin password or by being the domain admin or somesuch). After taking ownership the files are pretty much yours to do with as you please. IE: recovery shouldn't be all that hard unless you lost the admin password, and even then...

[ZeroCool]

thanx siyan

[VisionIT]

Just another quick note:

All the passwords are stored in .SAM files usually located @ c:\winnt\config & c:\winnt\system(\32)

Removing all the .SAM will remove all NT profiles from the system, but leave the files intact.

There's a program called LophtCrack i think which reads in all current and previous passwords from a users .SAM file!

Hope that helps.

Regards,

Paul.

[parksie]

I thought they were one-way encrypted? A decent password will be mostly uncrackable.

[VisionIT]

Originally posted by parksie
I thought they were one-way encrypted?

Nope...

Trust me... the program exists, and works. Quite worrying really. Government Organisations use them for noobie users who can never remember their passwords. I should know, i worked in one for a while, and had numerous users calling.

Twits

Regards,

Paul.

[VisionIT]

Lopht Crack

There you go...

All the tools needed to decode SAM and REGISTRY entries.

Ahhh.. the joys of working for the government!

Regards,

Paul.

[parksie]

Now I know why I prefer Unix, one-way hashes are the only way to store passwords

[NoteMe]

I remember that I "hacked" my first NT computer more or less the way VisionIT is trying to explain...

[siyan]

Originally posted by parksie
Now I know why I prefer Unix, one-way hashes are the only way to store passwords

I don't know that much about encryption (the math is rather mind boggling) but I don't think its *entirely* one way, is it?

[parksie]

No. It's just computationally infeasible to go the "wrong way" through the process. MD5 has been successfully cracked (note that we knew exactly what to do, just not how to do that within a reasonable timescale) and it took a few days and a LOT of CPU power I think.

Basically, by the time you've cracked it, their security policy has enforced a password change anyway

[siyan]

Ahh. Thought so

[<ABX]

I thought MD5 would take too long to crack?

How was it done?

[siyan]

Originally posted by <ABX
I thought MD5 would take too long to crack?

How was it done?

a few days with a lot of cpu power is considered "long".

basically you're talking total CPU time,

a crude way to calculate it i guess would be AverageGFlops*Time

[<ABX]

for a lot of power are we talking a 3 ghz or huge servers?

[Sastraxi]

We're talking about long enough that you needn't worry about it

[NoteMe]

I am in a team that tryes to break a 64bit encryption. And it is mant thousend that tryes to do it at the same time, everybody working togheter like the SETI team....and with the current speed it will take us about 505k years to get thrue all keys. That is a long time....

[siyan]

Originally posted by <ABX
for a lot of power are we talking a 3 ghz or huge servers?

Probably massive amounts of non-x86 systems running in parallel.