Results 11 to 20 of 24

Thread: Knoppix to crack a Windows password

  1. #11
    Senior Member registered user
    Join Date
    Dec 2003
    Location
    Salt Lake City, UT, U.S.A.
    Posts
    1,338

    Re: knoppix is promoted as a emergency repair solution?

    Quote Originally Posted by duah55
    I cannot DELETE these 2 files under knoppix, that's the only way I can see to reset passwords, to blank

    there must be a way, knoppix is promoted as an emergency repair solution?
    Hmmmm... (I guess it is?), but it is also an OS first.

    As Eco2Geek said, this is really not a Knoppix issue though, because knoppix can boot your system, and as you said, it can gain access to your hardware, it just doesn't seem to allow you to delete specific files for another operating system - which, I might add, are not knoppix's responsibility to maintain.

    Just cause you want to use Knoppix as a tool to do something in another OS, doesn't make that OS responsible if it doesn't, or can't...

    What I would suggest, take it to M$ Windoes for resolution, hence my previous response, was to get the "gist" that editing it, or modifying the password files are hard to decipher, and if you can't get knoppix to assist in removal of the files, that I would go to Windows Support for resolve.

    I know of many "windows" specific forums (newsgroups) that you could post your issue to, and get an OS specific resolve to this. I don't work for, nor do I work with, M$ OS's, but I do run a Knoppix/GNU Linux OS, thus my answers tend to follow the OS I am running, I would think that a Forum, specific to M$ OS's, would also do the same.

    As Bast, Nmcphillips, Eco2Geek, and anyone else, has stated, this kind of action could be possibly illegal, etc... and may simply "trash" your Windows installation - so, see if Windows has any information of this issue, they may have dealt with it a lot more than people who run Knoppix, or any other Linux variant, and lastly, you may have to re-install.

    Just my thoughts,
    Ms. Cuddles

  2. #12
    Member registered user
    Join Date
    Jul 2003
    Posts
    96
    I've never used this, but have seen it in action.

    John the Ripper

    What have you got to lose?

  3. #13
    Senior Member registered user
    Join Date
    Mar 2004
    Location
    Berlin
    Posts
    436
    , this kind of action could be possibly illegal,
    Whooo! It shall be illegal, to crack into your own OS?
    I don't believe that!

    If you own a house, and lost the key, do you buy a new house?

  4. #14
    Senior Member registered user
    Join Date
    Dec 2003
    Location
    Salt Lake City, UT, U.S.A.
    Posts
    1,338
    Quote Originally Posted by user unknown
    , this kind of action could be possibly illegal,
    Whooo! It shall be illegal, to crack into your own OS?
    I don't believe that!

    If you own a house, and lost the key, do you buy a new house?
    Ok, Ok, calm down, take ten breaths, slowly....

    What I was saying, that "cracking" a password can be used for other systems, not just your own... Add to this that many people can transfer information to a "company" machine, and even though a "company" machine is used by someone on their desk, it doesn't belong to them, thus, my statement...

    This all comes down to the "gun" laws, and what the "gun police" say: "it's not the gun who kills people, but the person using it..." -=- Considering the "initial" post here, I was seeing "knoppix" as the gun, and took the "initiative" of considering the thought of it being used for other purposes, by any user of it. As in your example User Unknown, if it's my house, and "I" lost my key, I wouldn't buy a new house, but, I wouldn't give my key, to my house, to a known thief, or robber either - no inference intended to anyone in this post, just the thoughts of the correlation.

    Gun = Tool
    Knoppix = Tool
    Tool = Good or Bad - depending on the person using it - and considering that anyone reads these posts - I was covering my rump

    Honesty is always the best policy - but don't use "apt-cache search" for it -=-
    Ms. Cuddles

  5. #15
    Senior Member registered user
    Join Date
    Mar 2004
    Location
    Berlin
    Posts
    436
    Well - duah55 was only talking about his newly installed win.

    We know that it is pretty simple to get root-access on a linux-machine, you have physical access to.
    It's a bit harder, to crack into, without leaving too much and too obvious tracks.

    I guess it's pretty hard, to crack into a smaller system, install a permanent backdoor, and hiding your tracks.

    I don't know whether it's possible, to crack the win-passwords - perhaps to replace the file with encrypted passwords, you take from another machine, but if it's easily possible, I think everybody should know.

  6. #16
    Member registered user
    Join Date
    Apr 2004
    Posts
    34

    lol

    as eco2geek said

    knoppix is not a solution
    delete or empty or modify the SAM file will corrupt your win os
    ==> you won't be able to boot it anymore

    get ultimate boot cdrom

    after booting on it
    ==> F2 (file system tools)
    ==> F6 (a trusted nt pass manager for blanking admin nt pass)

  7. #17
    Member registered user
    Join Date
    Nov 2003
    Posts
    66
    All information that is contained within is for use only on your own personal systems, if caught doing anything illegal the author takes no responsibility for the actions taken, you have been advised.

    Now this information is incomplete since I just remember all of my passwords that I use in my head, and have never needed to use it, plus I create my own backdoors to my information i.e. I backup keys, and create parallel hidden users for all of my software.

    Check out the newest issue of http://www.thebroken.org/ for the gist of how to do this, it is also available under one of Kevin Rose's (same dude, you can also ask on thebroken's forums) dark tips from thescreensavers.com, but their site is down. You need to get a copy of the program of SAMInside though to do it, which must be run on windows. Have you tried though (if you didn't install an admin password at boot) at the login screen hitting CTRL+ALT+DEL twice to bring up the old WinNT login screen and used administrator with the password, or if you have home or didn't do it in Pro, using the default password (absolutely nothing) with the Administrator login.

    Now as far as encryption goes, in windows (HA HA HA HA Windows... Security... same sentence). By default windows keeps an old Lan Manager Password as one of the 'encrypted' password hashes for all of the users (so that Older windows systems can network to it) and this hash is a joke, it takes the password and converts it all to two different hashes and then before conversion makes them all uppercase for the hash, so if you use a brute force cracker it doesn't take that long, (it removes 26 possible characters from the dictionary, and if I remember correctly, it adds even removes the numbers to make them into the special characters, but I am not 100% sure) so on most systems the password can be cracked in a number of hours. But by that time you will probably remember the actual characters of your password.

    The other method is on Knoppix-STD is to replace the sam hashes to change the characters to a new password, but you lose access to ALL of the files that are encrypted. But that is only if the files are encrypted. There is also a way to do this if you want to try to find it in the MS Knowledge base, but it is a pain in the ass from what I remember (why is it available, so that when any networking GURU at work loses his passwords, he can fix it without hosing the network, there is a way to do this for all of the Network Operating Systems that are available, but in Novell 4.11 it requires physical access to the Server).

    Hope I helped some.

  8. #18
    Member registered user
    Join Date
    Feb 2004
    Posts
    72
    Quote Originally Posted by user unknown
    , this kind of action could be possibly illegal,
    Whooo! It shall be illegal, to crack into your own OS?
    I don't believe that!

    If you own a house, and lost the key, do you buy a new house?
    You'll have to burn it down first so you can collect the insurance.

  9. #19
    Junior Member
    Join Date
    May 2004
    Posts
    1
    Here's a boot disk with this specific capability (listed in the boot menu). Have tried it on both Win 2K and XP machines with complete success.
    - Your results may vary.

    Uses Linux to rewrite the existing password file. It searches a default dir for the file but also gives you the capability to search specific dirs. Also, I don't believe that it is possible to view the encrypted file, only rewrite it.

    The site and documentation is pretty easy to understand WRT configuring the image of the disk. Utilities are also available to add/remove utilities on the boot disk.

    http://ebcd.pcministry.com/

    Hope it helps. Saved me from slicking my HDD.

  10. #20
    Junior Member registered user
    Join Date
    May 2004
    Posts
    14
    The following depicted acts may be illegal in states/countries and is intended for informational use only

    ok well as soon as i saw this i was going recommend www.thebroken.org but looks like someone already did any way might as well add my bit

    start with a bootable linux cd. I like knoppix-std as do they it's full of cool security tools.

    once you bypass the start up you need to run a program called ntpassword.

    Like you said you're after the password and all local windows passwords are stored in the windows/system32/config directory in the sam file.

    now the password is encrypted and stored as a hash.

    ntpassword works by using password hash insertion. That means inserting a new password hash that you have created right into the sam.

    now you simply reboot choose the account to overwrite and type in the new password.

    now doing that you can't read any files using the windows encrypted file system (EFS)

    for that you're going to need the original password.

    just back up the sam and system files and use the saminside program to extract the encrypted hash.

    then you can use l0phtcrack to use dictionary and brute force to crack the password. now this is the time consuming part depending on your password it can take several minutes or several months to crack it.

    now if it's windows xp it creates two password hashes an nt hash and an lm hash. lm hashes were used for old OS like 98 95 and basically are a lot easier to crack

    anyway i hope this helps and also wish i could take credit for this but all credit to the guys at www.thebroken.org nice job guys
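
Posts #17 and #20 both mention the LM hash that Windows stores beside the NT hash. The following is an added example, not part of any post: a small audit of a pwdump-style listing (constructed sample, made-up hash values) that flags accounts still carrying an LM hash, relying on the fact that LM upper-cases the password and hashes two 7-character halves separately.

```python
import string

EMPTY_LM_HALF = "aad3b435b51404ee"  # LM hash of an empty 7-character half

# Constructed sample, pwdump layout: user:rid:lm_hash:nt_hash:::
# All hash values below are made-up hex except the empty-half constant.
SAMPLE = """\
alice:1001:0123456789abcdef0fedcba987654321:00112233445566778899aabbccddeeff:::
bob:1002:89abcdef01234567aad3b435b51404ee:ffeeddccbbaa99887766554433221100:::
carol:1003:aad3b435b51404eeaad3b435b51404ee:a1b2c3d4e5f60718293a4b5c6d7e8f90:::
"""


def parse_line(line):
    """Return (user, lm_hash) for a well-formed row, else None."""
    parts = line.strip().split(":")
    if len(parts) < 4 or not parts[0] or len(parts[2]) != 32:
        return None
    return parts[0], parts[2].lower()


def audit(text):
    """Map each account to what its LM field reveals."""
    findings = {}
    for line in text.splitlines():
        row = parse_line(line)
        if row is None:
            continue
        user, lm = row
        is_hex = all(c in string.hexdigits for c in lm)
        if not is_hex or lm == EMPTY_LM_HALF * 2:
            # Also what a blank password produces.
            findings[user] = "no LM hash stored"
        elif lm[16:] == EMPTY_LM_HALF:
            findings[user] = "LM stored, password has 7 characters or fewer"
        else:
            findings[user] = "LM stored, password has 8 to 14 characters"
    return findings


def worst_case_guesses():
    """Exhaustive-search bound for a 14-character password."""
    # LM: lowercase folded to uppercase leaves 26 letters + 10 digits +
    # 32 punctuation + space = 69 symbols, and each half is searched alone.
    lm_symbols = len(string.ascii_uppercase + string.digits + string.punctuation) + 1
    nt_symbols = lm_symbols + 26  # NT keeps case: 95 printable ASCII symbols
    return {"lm": 2 * lm_symbols ** 7, "nt": nt_symbols ** 14}


if __name__ == "__main__":
    for user, finding in audit(SAMPLE).items():
        print(f"{user}: {finding}")
    print(worst_case_guesses())
```

Disabling LM storage (the NoLMHash setting) only takes effect for an account at its next password change, so an audit like this shows which accounts still need one.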
