Krishna
कृष्ण,LOL

Registered: 05/08/03
Posts: 23,285
Loc: oakland
how can i change a password i don't know on windows xp?
    #5105997 - 12/25/05 10:21 PM (18 years, 2 months ago)

quite simply, actually.

windows lacks severely in file-permissions - thus one can access the windows registry through a linux boot, modify it, and save the changes - all without needing any permissions as one would on a *nix based system.

as this is a common problem (for example, you've forgotten the administrator password to your machine, or you get a computer from a friend and don't want to have to reformat it), there have been projects to compile a linux boot disk to accomplish just this task. A pretty thorough one is the Offline NT Password & Registry Editor. Using this disk (either a floppy or a cdrom, and with support for scsi drivers if need be), you boot your computer (if it automatically boots to Windows, you need to access your BIOS settings and change the boot order to load the floppy or cdrom - usually you can press DEL while booting up, but if need be check here), and then access and change the registry files associated with the user whose password you wish to change. Rather than rewrite what he already has done, I thought to quote the installation process as detailed on that site. This will work on pretty much any Windows system, and with NTFS filesystems as well.

Quote:

How to use?
Yes, long text. Please read it all and the FAQ before mailing me questions

If you have the CD, all drivers are included. If you use the floppy, and you need the SCSI-drivers set, either prepare a floppy with the scsi-drivers .zip file unzipped (in \scsi), or put a selection of the drivers you need in the \scsi folder on the main floppy, there should be enough space for maybe a couple of drivers. In the latter case you don't need to carry around and swap floppies.

Overview

  1. Disk select, tell which disk contains the Windows system. Optionally you will have to load drivers.
  2. PATH select, where on the disk is the system?
  3. File select, which parts of registry to load, based on what you want to do.
  4. Password reset or other registry edit.
  5. Write back to disk (you will be asked)

DON'T PANIC!! - Most questions can usually be answered with the default answer which is given in [brackets]. Just press enter/return to accept the default answer.

1. DISK SELECT
Which disk contains your Windows system?

=========================================================
. Step ONE: Select disk where the Windows installation is
=========================================================
Disks:
Disk /dev/ide/host0/bus0/target0/lun0/disc: 2147 MB, 2147483648 bytes
NT partitions found:
1 :  /dev/ide/host0/bus0/target0/lun0/part1    2043MB  Boot

Please select partition by number or
a = show all partitions, d = automatically load new disk drivers
m = manually load new disk drivers
l = relist NTFS/FAT partitions, q = quit
Select: [1]

    * For most machines only one disk and partition is listed, if so, just go with selection 1 (default)
    * Otherwise select partition
    * If no disks or not all disks are shown, you may need to load disk drivers, for SCSI-controllers (or some IDE-raid controllers). Select d to go to the driver select menu for auto-probe (based what's found on the PCI bus)
    * If auto-probe won't work, you may have to load something manually, select m to do that (like the old system)

2. HOW TO MANUALLY LOAD DRIVERS
Try auto-probe (d) first, only do this if you have to manually try to load some or all drivers.

Select: [1] m
==== DISK DRIVER / SCSI DRIVER select ====
You may now insert or swap to the SCSI-drivers floppy
Press enter when done:
Found 1 floppy drives
Found only one floppy, using it..
Selected floppy #0
Mounting it..
Floppy selection done..
SCSI-drivers found on floppy:

1 BusLogic.o.gz
2 aic7xxx.o.gz
3 sym53c8xx.o.gz
[ ... ]

SCSI driver selection:
  a - autoprobe for the driver (try all)
  s - swap driver floppy
  q - do not load more drivers
  or enter the number of the desired driver

SCSI driver select: [q]

    * Select a for auto-probe, it will try to load all drivers, and stop when one loads properly. Some drivers may need more driver modules, so you may have to redo the auto-probe several times.
    * Or if you know what you want, just enter its number or name.

SCSI driver select: [q] a
[ BusLogic.o.gz ]
Using /tmp/scsi/BusLogic.o
PCI: Found IRQ 11 for device 00:10.0

[.... lots of driver / card info ...]

scsi0: *** BusLogic BT-958 Initialized Successfully ***
scsi0 : BusLogic BT-958
  Vendor: FooInc  Model: MegaDiskFoo  Rev: 1.0
  Type:  Direct-Access                      ANSI SCSI revision: 02

[ ... ]

Attached scsi disk sda at scsi0, channel 0, id 0, lun 0
SCSI device sda: 8388608 512-byte hdwr sectors (4295 MB)
Partition check:
/dev/scsi/host0/bus0/target0/lun0: p1
Driver BusLogic.o.gz loaded and initialized.


    * You may then quit the selection with q or try for more drivers.
    * When you quit, you will get back to the disk select (see above) and hopefully see more disks.

3. PATH AND FILE SELECT
Where's the Windows system located?

On the selected partition/disk, the main files for windows can theoretically be anywhere. And we must find the registry files to be able to edit them. There are however some usual places:

    * winnt35/system32/config - Windows NT 3.51
    * winnt/system32/config - Windows NT 4 and Windows 2000
    * windows/system32/config - Windows XP/2003 and often Windows 2000 upgraded from Windows 98 or earlier.

These usual paths will be checked, and if found, they will be suggested as the default.

Selected 1
Mounting on /dev/ide/host0/bus0/target0/lun0/part1
NTFS volume version 3.1.
Filesystem is: NTFS

=========================================================
. Step TWO: Select PATH and registry files
=========================================================
What is the path to the registry directory? (relative to windows disk)
[windows/system32/config] :
-r--------    1 0        0          262144 Jan 12 18:01 SAM
-r--------    1 0        0          262144 Jan 12 18:01 SECURITY
-r--------    1 0        0          262144 Jan 12 18:01 default
-r--------    1 0        0        8912896 Jan 12 18:01 software
-r--------    1 0        0        2359296 Jan 12 18:01 system
dr-x------    1 0        0            4096 Sep  8 11:37 systemprofile
-r--------    1 0        0          262144 Sep  8 11:53 userdiff

Select which part of registry to load, use predefined choices
or list the files with space as delimiter
1 - Password reset [sam system security]
2 - RecoveryConsole parameters [software]
q - quit - return to previous
[1] :

    * If the directory is correct, something like the above will be listed (it may vary a bit..)
    * You may then choose some canned answers based on what you want to do.
    * Password reset is the default, and most used.
    * Option 2, RecoveryConsole is for setting 2 parameters that the Windows 2000 and newer RecoveryConsole (boot from CD, select Recovery and console mode) uses. One of the parameters allows RecoveryConsole to be run without it prompting for the admin password. If you do not know what RecoveryConsole is, don't bother. Or go search the net..
    * Or if you want to do manual edit of registry, select your hives to load. Enter all names on one line with space between.

We select 1 to edit passwords..

4. PASSWORD RESET
Everything is set and ready, let's roll!

=========================================================
. Step THREE: Password or registry edit
=========================================================
chntpw version 0.99.2 040105, (c) Petter N Hagen

[.. some file info here ..]

* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length        : 0
Password history count        : 0

<>========<> chntpw Main Interactive Menu <>========<>

Loaded hives: <sam> <system> <security>

  1 - Edit user data and passwords
  2 - Syskey status & change
  3 - RecoveryConsole settings
      - - -
  9 - Registry editor, now with full write support!
  q - Quit (you will be asked if there is something to save)


What to do? [1] -> 1

===== chntpw Edit User Info & Passwords ====

RID: 01f4, Username: <Administrator>
RID: 01f5, Username: <Guest>, *disabled or locked*
RID: 03e8, Username: <HelpAssistant>, *disabled or locked*
RID: 03eb, Username: <pnh>, *disabled or locked*
RID: 03ea, Username: <SUPPORT_388945a0>, *disabled or locked*

Select: ! - quit, . - list users, 0x<RID> - User with RID (hex)
or simply enter the username to change: [Administrator]

Here you can enter the username you want to reset the password for. NOTE: It is case-sensitive, write it exactly as listed (without the < and > of course)

Or if the name uses some characters that cannot be displayed, enter its ID number (RID), like this: 0x1f4 would select administrator.

We select the default, which is administrator.

RID    : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :

Account bits: 0x0210 =
[ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account  | [ ] NMS account    |
[ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act  |
[X] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  |
[ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  |

Failed login count: 0, while max tries is: 0
Total  login count: 3

* = blank the password (This may work better than setting a new password!)
Enter nothing to leave it unchanged
Please enter new password: *

Some information is displayed. Also, if the account is locked, you will be asked if you wish to unlock it (not shown here)

We go for the blank password option (*) WHICH IS HIGHLY RECOMMENDED over setting a new one.

Please enter new password: *
Blanking password!

Do you really wish to change it? (y/n) [n] y
Changed!


Select: ! - quit, . - list users, 0x<RID> - User with RID (hex)
or simply enter the username to change: [Administrator] !

! brings us back to the main menu here.

<>========<> chntpw Main Interactive Menu <>========<>

Loaded hives: <sam> <system> <security>

  1 - Edit user data and passwords
  2 - Syskey status & change
  3 - RecoveryConsole settings
      - - -
  9 - Registry editor, now with full write support!
  q - Quit (you will be asked if there is something to save)


What to do? [1] -> q

5. WRITING OUT THE CHANGES
Everything has been done, time to commit the changes.

Hives that have changed:
#  Name
0  - OK

=========================================================
. Step FOUR: Writing back changes
=========================================================
About to write file(s) back! Do it? [n] : y

THIS IS YOUR LAST CHANCE! If you answer y here there will be a write to disk!

Writing  sam

NOTE: A disk fixup will now be done.. it may take some time

Mounting volume... OK

Processing of $MFT and $MFTMirr completed successfully.

NTFS volume version is 3.1.

Setting required flags on partition... OK

Going to empty the journal ($LogFile)... OK

NTFS partition /dev/ide/host0/bus0/target0/lun0/part1 was processed successfully.
NOTE: Windows will run a diskcheck (chkdsk) on next boot.
NOTE: this is to ensure disk intergity after the changes

***** EDIT COMPLETE *****

You can try again if it somehow failed, or you selected wrong
New run? [n] : n


That was all. The disk fixup is only run on NTFS filesystems, and will force chkdsk next time windows boots.

Please answer n here and then reboot, CTRL-ALT-DEL. Remember to remove the floppy or CD.

What can go wrong?
Lots of things can go wrong, but most faults won't damage your system.

The most critical moment is when writing back the registry files to NTFS. Sometimes it emits errors, even if the new data in fact has been written. The most common problem seen during 2004 is that it does not change the password, or even messes it up so it is impossible to log in with that user. This does not happen often, however. Unfortunately, I haven't found the exact cause yet.

Also, see the FAQ for help with common problems.

For linux-knowledged people, you may do things manually if the scripts fail, you have shells on tty1-tty4 (ALT F1 - ALT F4).




The files, and an faq can also be found on his site.

happy hacking :sun:


--------------------



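Added example, not part of the original post or of chntpw: when reviewing an offline image, the user list and the "Account bits" value shown in the quoted output can be decoded and checked for states worth a second look. The flag values follow the SAM account-control bit layout in the order the quoted table prints them; the function names, the choice of findings and the sample transcript are constructed for illustration.

```python
import re

# SAM account-control bits, labelled as in the quoted chntpw table.
ACB_FLAGS = [
    (0x0001, "Disabled"),
    (0x0002, "Homedir req."),
    (0x0004, "Passwd not req."),
    (0x0008, "Temp. duplicate"),
    (0x0010, "Normal account"),
    (0x0020, "NMS account"),
    (0x0040, "Domain trust ac"),
    (0x0080, "Wks trust act."),
    (0x0100, "Srv trust act"),
    (0x0200, "Pwd don't expir"),
    (0x0400, "Auto lockout"),
]
USER_RE = re.compile(r"RID:\s*([0-9a-fA-F]+),\s*Username:\s*<([^>]*)>(.*)")
BITS_RE = re.compile(r"Account bits:\s*0x([0-9a-fA-F]+)")

def decode_acb(value):
    """Return the names of all flags set in an 'Account bits' value."""
    return [name for bit, name in ACB_FLAGS if value & bit]

def parse_users(transcript):
    """Extract (rid, username, locked) tuples from the user-list lines."""
    users = []
    for line in transcript.splitlines():
        m = USER_RE.search(line)
        if m:
            users.append((int(m.group(1), 16), m.group(2),
                          "disabled or locked" in m.group(3)))
    return users

def audit(transcript):
    """List account states worth reviewing (hypothetical audit policy)."""
    findings = []
    for rid, name, locked in parse_users(transcript):
        if rid == 0x1F4 and not locked:
            findings.append(f"built-in Administrator (RID 500) '{name}' is enabled")
    for m in BITS_RE.finditer(transcript):
        flags = decode_acb(int(m.group(1), 16))
        if "Disabled" in flags:
            continue  # disabled accounts cannot log on; skip them
        for risky in ("Passwd not req.", "Pwd don't expir"):
            if risky in flags:
                findings.append(f"enabled account has '{risky}' set")
    return findings

# Constructed sample, shaped like the output quoted in the post.
SAMPLE = """\
RID: 01f4, Username: <Administrator>
RID: 01f5, Username: <Guest>, *disabled or locked*
Account bits: 0x0210 =
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```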
World Spirit
PNW
Registered: 07/27/01
Posts: 9,817
Re: how can i change a password i don't know on windows xp? [Re: Krishna]
    #5106564 - 12/26/05 02:54 AM (18 years, 2 months ago)

Dude, I have to say your timing is extremely synchronistic. Weird almost.

World Spirit
PNW
Re: how can i change a password i don't know on windows xp? [Re: World Spirit]
    #5106612 - 12/26/05 04:49 AM (18 years, 2 months ago)

- http://www.windowssecrets.com/comp/030213/

Windows XP, which has been marketed by Microsoft as "the most secure version ever," has been found to have a flaw so bone-headed that it renders passwords ineffective as a means of keeping people out of your PC.

Reader Tony DeMartino alerted me to the problem, which all administrators of Windows XP machines should immediately take to heart:

* Anyone with a Windows 2000 CD can boot up a Windows XP box and start the Windows 2000 Recovery Console, a troubleshooting program.

* Windows XP then allows the visitor to operate as Administrator without a password, even if the Administrator account has a strong password.

* The visitor can also operate in any of the other user accounts that may be present on the XP machine, even if those accounts have passwords.

* Unbelievably, the visitor can copy files from the hard disk to a floppy disk or other removable media - something even an Administrator is normally prevented from doing when using the Recovery Console.

This problem is unrelated to a feature of XP that allows an Administrator to set up automatic logon when the Recovery Console is used. Even without the Registry entry that enables this, XP is vulnerable. (For info on that feature, see support.microsoft.com/?scid=kb;en-us;312149.)

Windows 2000, of course, doesn't allow Recovery Console users to access a hard drive without a password, if one previously existed.

I notified four Microsoft executives of the XP flaw weeks ago, but haven't yet received an official response. There's no Knowledge Base article about it, and there may not even be a good solution to the problem.

When I've spoken with Microsoft security pros about similar problems in the past, they've referred me to a company policy that says, "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore."

That's all well and good - but the fact remains that Windows 2000 doesn't allow anyone with an old CD to get password-free access, and Windows XP does.

shirley knott
not my real name
Registered: 11/11/02
Posts: 9,105
Loc: London
Last seen: 7 years, 2 months
Re: how can i change a password i don't know on windows xp? [Re: Krishna]
    #5106695 - 12/26/05 06:19 AM (18 years, 2 months ago)

shouldn't this go in the security forum?


--------------------
buh

Krishna
कृष्ण,LOL
Re: how can i change a password i don't know on windows xp? [Re: shirley knott]
    #5106887 - 12/26/05 08:31 AM (18 years, 2 months ago)

that's what i wasn't sure of - ...

feel free to move it if need be.


Enter - i've read that bug as well. with the "nice" cathedral style development of windows, i bet it only takes 4 years before they fix it! additionally, you can boot with a linux boot-disk, replace windows/system32/login.src with cmd.exe, and when the screensaver is supposed to load on the login screen, a dos prompt (or, the closest thing to a dos prompt in XP) will pop up, with full sysadmin privileges. from there, you can also change the administrator password


--------------------


