If your PC becomes disconnected from your network, and thereby from the domain where your user accounts are controlled, or someone dies, it may be necessary to hack a Windows Administrator password.
While the Offline NT Password & Registry Editor Bootdisk / CD seemed like the easiest method for resetting Windows passwords, I had trouble with it and had to find an alternate method.
This alternate method consisted of booting up the machine with the Linux distro Knoppix and copying the system32/config directory, which contains the SAM file, onto a USB flash drive. The SAM (Security Accounts Manager) file is what Windows uses to store password "hashes", which amount to essentially encrypted passwords.
I then copied the necessary files to another Windows machine on which I had installed SAMinside. SAMinside was instantly able to tell me all the user names for the locked box and offered the ability to do a brute-force / dictionary hybrid attack that tried over 4 million passwords a second. Luckily, the password I was trying to crack was a simple 6-letter dictionary word, so it only took about an hour.
Monday, August 20, 2007