Password Recovery

gravator

Hey guys I have a client that is needing their password reset b/c they forgot it. Do you have any suggestions on a program to use to reset the admin password on a Windows 2000 Machine? Thanks
 
If the account is not admin you may be able to boot into safe mode and, using the hidden admin account, reset the user's account. If not, try ERD Commander, Active Boot CD or Hiren's Boot CD.
 
You could also grab the HASH using a utility and put it into some cracking software (like Cain). That is, if you actually want to get the old password back. To reset, like everyone said, use Safe Mode.

Worse comes to worse, use UBCD4Win and grab any needed files off the drive and format it. That's the WORST case scenario, though.
 
What ebm said. It's never failed me. I once used that CD to blank the admin passwords on 30 machines that the sacked sysadmin had messed with when he saw what was coming. I use it at least once a week for people who don't leave me their account passwords and whom I subsequently can't contact straight away.

When you download it, it's an ISO so you'll need relevant software to burn to CD. A very simple one is http://isorecorder.alexfeinman.com/isorecorder.htm
 
I had to do this a while ago, so I hope it's correct.

Boot into safe mode with command prompt,
then type in net user <enter>
then net user (the user name) * <enter>
and type the new password,
and confirm it.
I hope it helps.
 
If you need the password back because of EFS or whatever, ophcrack has a bootable CD and rainbow tables to really speed it up. It only has tables for passwords that are so long, 9 characters I think, but if you believe it's that or less you can give it a try. If there are no encrypted files you can run many different live CDs and simply wipe the password and do whatever you want. I've done it myself, can't remember the live CD... probably some Linux one. Quick AND easy.
 
It is not necessary to crack or format the machine, ever.

Here's your solution: http://home.eunet.no/pnordahl/ntpasswd/

I disagree, if they are using an encrypted file system and you did that I believe you just lost all those files.

EDIT:

Recovery

Files encrypted with EFS can only be decrypted by using the RSA private key(s) matching the previously-used public key(s). The stored copy of the user's private key is ultimately protected by the user's logon password. Accessing encrypted files from outside Windows with other operating systems (Linux, for example, or even another instance of Windows) is not possible — not least of which because there is currently no third party EFS component driver. Further, using special tools to reset the user's login password will render it impossible to decrypt the user's private key and thus useless for gaining access to the user's encrypted files. The significance of this is occasionally lost on users, resulting in data loss if a user forgets his or her password, or fails to back up the encryption key. This led to coining of the term "delayed recycle bin", to describe the seeming inevitability of data loss if an inexperienced user encrypts his or her files.
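Added example, not part of any post in this thread: a simplified Python model of the point quoted above, that the stored private key is sealed under the logon password, so a normal password change re-wraps it while an offline reset leaves it sealed under the forgotten password. The key derivation, toy cipher, hash stand-in and all function names are assumptions made for illustration; this is not how Windows stores keys.

```python
import hashlib, hmac, os

def _derive(password, salt):
    # PBKDF2 stands in for the real password-based key derivation (assumption).
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000, dklen=64)
    return k[:32], k[32:]          # (encryption key, MAC key)

def _xor_stream(key, data):
    # Toy stream cipher for the model only: SHA-256 in counter mode.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(private_key, password):
    salt = os.urandom(16)
    enc, mac = _derive(password, salt)
    ct = _xor_stream(enc, private_key)
    return {"salt": salt, "ct": ct, "tag": hmac.new(mac, ct, hashlib.sha256).digest()}

def unwrap(blob, password):
    enc, mac = _derive(password, blob["salt"])
    tag = hmac.new(mac, blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        return None                # wrong password: the key stays sealed
    return _xor_stream(enc, blob["ct"])

def logon_hash(password):
    # Stand-in for the stored logon verifier (assumption).
    return hashlib.sha256(password.encode()).hexdigest()

def new_account(password, private_key):
    return {"hash": logon_hash(password), "blob": wrap(private_key, password)}

def change_password(acct, old, new):
    # Normal change: the old password is known, so the key is unwrapped and re-wrapped.
    key = unwrap(acct["blob"], old)
    if key is None:
        raise ValueError("old password incorrect")
    acct["hash"], acct["blob"] = logon_hash(new), wrap(key, new)

def offline_reset(acct, new):
    # Boot-disk style reset: only the stored logon hash is overwritten.
    acct["hash"] = logon_hash(new)

def can_log_on(acct, password):
    return acct["hash"] == logon_hash(password)
```

After `offline_reset` the new password logs on but `unwrap` returns `None` for it; only the old password or a separately backed-up copy of the key recovers the files.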
 
I tested Ophcrack on my computer, just to see how good it is. It failed to find my password. So it probably only works w/ easy passwords. My password is made up of a bunch of random stuff, nothing in particular. That's why I wrote it down somewhere. I tend to forget my passwords a lot. They're all long and completely random.
 
Granted it only works up to a certain number of letters and numbers and I believe it leaves out special punctuation. It's far from perfect but most people I know pick passwords like "berries" or something easy. I try and train them into proper password use/creation but I'm only one man. Look up the diceware method for something truly hard to crack but very easy to remember. Also most people wouldn't use EFS anyway so just crack it or grab their files, just thought it would be important for someone to at least be aware of it. I tested ophcrack myself with my easy home password, and while it's short and just numbers/letters they are somewhat random and it found it. I think the character limit is something like 9 or so.

http://world.std.com/~reinhold/diceware.html
 
I use ophcrack. It always finds passwords, the easy and hard ones. But I also have it installed on my Alienware Area-51 m17x; I just use the live CD to export the hashes, and use my notebook to crack them with rainbow tables. It usually takes on average 2-10 seconds to crack the password.
 
I have a tool that sounds very similar to Heriberto's.
If anyone is interested, I'll find the CD in the morning, boot it up and see what it's actually called and find the link for it. I'm pretty sure it's still starred in my Google Reader account too. Way quicker to reset any Windows password than any other boot CD I've come across. (Tested on Vista SP1/XP SP2/3 only)
 
Really, Ophcrack worked for you? Well I just ran the livecd version. I didn't try exporting the hashes. I just wanted to see if the program could hack my password from the cd itself. But I just counted the number of symbols in my password, and it happens to be more than 9. I heard Ophcrack works w/ less than 9 symbols, so that could be the problem. The cd ran for slightly over 8 minutes, then it came back w/ unknown password. But I guess the average user would use less than 9 symbols.
 
Yeah, it's supposed to only work with up to 9, but it broke my pass; it was 10 digits and symbols.

I also don't use the Vista dictionary; I use the expensive tables :)
 