Getting win2k admin password?

Discussion in 'Computer Security' started by tarquinlinbin, Oct 27, 2005.

  1. Hello,
    i have a laptop on which i am unable to access the administrator
    account becuase i havent got the password. Is there an easy way of
    finding/bypassing this?
    ta

    jo



    Remove antispam and add 670 after bra to email

    http://www.no2id.org/
     
    tarquinlinbin, Oct 27, 2005
    #1
    1. Advertising

  2. On Thu, 27 Oct 2005 15:06:20 +0100, tarquinlinbin
    <> wrote:

    >Hello,
    > i have a laptop on which i am unable to access the administrator
    >account becuase i havent got the password. Is there an easy way of
    >finding/bypassing this?
    >ta
    >

    There's a linux boot disk you can download that allows you to reset
    the admin password.

    http://home.eunet.no/~pnordahl/ntpasswd/

    Regards,



    --
    Stephen Howard - Woodwind repairs & period restorations
    www.shwoodwind.co.uk
    Emails to: showard{whoisat}shwoodwind{dot}co{dot}uk
     
    Stephen Howard, Oct 27, 2005
    #2
    1. Advertising

  3. tarquinlinbin

    nemo_outis Guest

    tarquinlinbin <> wrote in
    news:p:

    > Hello,
    > i have a laptop on which i am unable to access the administrator
    > account becuase i havent got the password. Is there an easy way of
    > finding/bypassing this?
    > ta
    >
    > jo



    I assume you are talking about the *local* administrator account on the
    machine itself.

    Yes, there are a number of ways of escalating privilege. The simplest
    are the "canned" solutions which are easy to apply if you can boot from
    floppy, CD (or USB). The Winternals Admin pack contains such a module
    which will allow you to (re)set the Admin password to whatever you wish
    (Note that it clobbers the original password so you may wish to back up
    the sam first). Elcomsoft and Passware have commercial modules which do
    the same thing.

    There are some free ones out there too such as:

    http://www.grape-info.com/doc/win2000srv/security/ntpasswd.html
    (I haven't tried this particular one but there are many! others out
    there)

    Be aware that if you are too aggressive with some of these schemes you
    can make some things (e.g., EFS encrypted files) inaccessible. However,
    if you don't clobber the SID but just the password all will be well.

    Even if you can't boot from CD there are a few tricks to escalate
    privilege (so you can run things like Cain & Abel or lsadump to get
    passwords). The most elegant are the "shatter" attacks that take
    advantage of the insecure and unauthenicated windows message-passing
    mechanism. But here's a simple "golden oldie" one that often works:

    Go to a command prompt and type in:

    at hh:mm /interactive taskmgr
    (put in the time a few minutes from now)

    At the specified time, task manager will pop up - as a system process!

    End task explorer.exe, Click on New Task and type in explorer.exe (the
    less greedy will just open a window with cmd). You are now running at
    system level! Bingo! (I can almost hear the patter of little sysadmin
    feet running to close off this loophole as I type).

    Regards,
     
    nemo_outis, Oct 27, 2005
    #3
  4. tarquinlinbin

    Phil Guest

    tarquinlinbin wrote:

    > i have a laptop on which i am unable to access the administrator
    > account becuase i havent got the password. Is there an easy way of
    > finding/bypassing this?


    Why not ask the owner of the laptop?
     
    Phil, Oct 27, 2005
    #4
  5. On Thu, 27 Oct 2005 22:10:54 +0200, Phil <> wrote:

    >tarquinlinbin wrote:
    >
    >> i have a laptop on which i am unable to access the administrator
    >> account becuase i havent got the password. Is there an easy way of
    >> finding/bypassing this?

    >
    >Why not ask the owner of the laptop?

    A) i dont need to,ive sorted it now

    and

    B) who says im not the owner?



    Remove antispam and add 670 after bra to email

    http://www.no2id.org/
     
    tarquinlinbin, Oct 28, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    1
    Views:
    2,091
    BradReeseCom
    Mar 10, 2005
  2. Little k

    How do I bin the Admin password?

    Little k, Jan 13, 2006, in forum: Wireless Networking
    Replies:
    6
    Views:
    11,086
    Little k
    Jan 13, 2006
  3. Andy½
    Replies:
    2
    Views:
    416
    Andy½
    Apr 2, 2004
  4. =?Utf-8?B?SVQtTU9ORVk=?=
    Replies:
    16
    Views:
    12,800
    BD [MCNGP]
    Aug 23, 2006
  5. thing
    Replies:
    3
    Views:
    736
    thing
    Aug 15, 2004
Loading...

Share This Page