Granted this is not a UNIX system, but in case there is a UNIX tool to accomplish the goal... I am looking for a bootable CD/DVD (or application to be placed on a CD/DVD to be made bootable) that can let me mount a Windows XP drive/partition (SP1 or SP2), and force-crack the admin password (even if admin account name has been changed, but I know what it has been changed to). The application cannot write to the hard drive - only mount it read-only, read the password file into ram, and show the cracked password. I know I can use the pnordahl utility to try and force-change the password, but I actually want to crack it. The utility should be free. This is a legal request. Thanks for leads. Scott
knoppix probably. On Jan 24, 2008 9:10 AM, Scott Ehrlich <scott at mit.edu> wrote:> Granted this is not a UNIX system, but in case there is a UNIX tool to > accomplish the goal... > > I am looking for a bootable CD/DVD (or application to be placed on a > CD/DVD to > be made bootable) that can let me mount a Windows XP drive/partition (SP1 > or > SP2), and force-crack the admin password (even if admin account name has > been > changed, but I know what it has been changed to). The application cannot > write > to the hard drive - only mount it read-only, read the password file into > ram, > and show the cracked password. > > I know I can use the pnordahl utility to try and force-change the > password, but > I actually want to crack it. > > The utility should be free. > > This is a legal request. > > Thanks for leads. > > Scott > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080124/131dd591/attachment-0002.html>
Scott Ehrlich wrote:> Granted this is not a UNIX system, but in case there is a UNIX tool to > accomplish the goal... > > I am looking for a bootable CD/DVD (or application to be placed on a > CD/DVD to be made bootable) that can let me mount a Windows XP > drive/partition (SP1 or SP2), and force-crack the admin password (even > if admin account name has been changed, but I know what it has been > changed to). The application cannot write to the hard drive - only > mount it read-only, read the password file into ram, and show the > cracked password. > > I know I can use the pnordahl utility to try and force-change the > password, but I actually want to crack it. > > The utility should be free. > > This is a legal request.This is definitely OffTopic here on this list, please take it elsewhere. -- Karanbir Singh : http://www.karan.org/ : 2522219 at icq
Scott Ehrlich wrote:> > Granted this is not a UNIX system, but in case there is a > UNIX tool to > accomplish the goal... > > I am looking for a bootable CD/DVD (or application to be > placed on a CD/DVD to > be made bootable) that can let me mount a Windows XP > drive/partition (SP1 or > SP2), and force-crack the admin password (even if admin > account name has been > changed, but I know what it has been changed to). The > application cannot write > to the hard drive - only mount it read-only, read the > password file into ram, > and show the cracked password. > > I know I can use the pnordahl utility to try and force-change > the password, but > I actually want to crack it. > > The utility should be free. > > This is a legal request.You will need to brute force attack the passwords, using a utility that can read the SAM registry on disk, encrypt dictionary words, common names, common passwords as well as generate passwords and compare. I don't know of such a utility, but I have a feeling that you might have better luck finding that on Windows. If that is the case then you could create a WinXP USB drive to boot from. I find it easier to steal passwords through key logging, phishing (web or wireless) or social engineering then by brute force (as a security admin I test out our corporate environment routinely). -Ross ______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.
On Jan 24, 2008 9:10 AM, Scott Ehrlich <scott at mit.edu> wrote:> Granted this is not a UNIX system, but in case there is a UNIX tool to > accomplish the goal... > > I am looking for a bootable CD/DVD (or application to be placed on a CD/DVD to > be made bootable) that can let me mount a Windows XP drive/partition (SP1 or > SP2), and force-crack the admin password (even if admin account name has been > changed, but I know what it has been changed to). The application cannot write > to the hard drive - only mount it read-only, read the password file into ram, > and show the cracked password. > > I know I can use the pnordahl utility to try and force-change the password, but > I actually want to crack it. > > The utility should be free. > > This is a legal request. > > Thanks for leads. > > ScottYes, very OT. http://ophcrack.sourceforge.net/
on 1/24/2008 6:10 AM Scott Ehrlich spake the following:> Granted this is not a UNIX system, but in case there is a UNIX tool to > accomplish the goal... > > I am looking for a bootable CD/DVD (or application to be placed on a > CD/DVD to be made bootable) that can let me mount a Windows XP > drive/partition (SP1 or SP2), and force-crack the admin password (even > if admin account name has been changed, but I know what it has been > changed to). The application cannot write to the hard drive - only > mount it read-only, read the password file into ram, and show the > cracked password. > > I know I can use the pnordahl utility to try and force-change the > password, but I actually want to crack it. > > The utility should be free. > > This is a legal request. > > Thanks for leads. > > ScottXP passwords are stored as hashes. You need to brute-force guess and compare the created hashes to the stored ones. If the user has the same password stored in programs like outlook express, that is much easier. But forensically, changing the password to gain access is usually sufficient. Knowing the original password is not that valuable in a legal scenario, as you will need a warrant anyway to access anything else that might be protected by that password. If it is that critical, find a certified PC forensics specialist. One misstep on your part will make the evidence worthless in court. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 187 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080124/08e55717/attachment-0002.sig>