Recovering The SAM file from a WinXP machine

Huge area to cover, we have assembled and written tutorials that have proven helpful over time.

Recovering The SAM file from a WinXP machine

Postby Zugg » Wed Dec 22, 2004 5:37 pm

Code: Select all
Recovering The SAM file from a WinXP machine ##################################################################################### Tutorial by Zugg Zuggalo1189@gmail.com Should only be read on Http://www.Binary-Universe.tk/ ##################################################################################### Neither I (Zugg) nor Binary Universe are responsible for your actions as a result of reading this. It is for informational purposes only, and I do not encourage any illegal or immoral activities. ##################################################################################### _____________________________________________________________________________________ Using Knoppix/STD Requirements: -Physical Access to the box -Knoppix or Knoppix-STD -USB Flash Card or a Floppy Diskette (if applicable) -A password recovery tool (i.e. a cracker) Ok, This tutorial is about how to get the SAM (Security Accounts Manager) file from a WinXP box you have physical access to. Obviously the first thing you need to do is download Knoppix or Knoppix-STD: -Http://www.Knopper.net/ - Knoppix -Http://www.Knoppix-STD.net/ - Knoppix-STD -Http://www.Knoppix.net/ - One of the best resources for Knoppix What is Knoppix? KNOPPIX is a bootable CD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a Linux demo, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk. Due to on-the-fly decompression, the CD can have up to 2 GB of executable software installed on it. -http://www.Knoppix.net/ What is Knoppix-STD? Knoppix-STD is a customized distribution of the Knoppix Live Linux CD. Boot to the CD and you have Knoppix-STD. STD focuses on information security and network management tools. It is meant to be used by both the novice looking to learn more about information security and the security professional looking for another swiss army knife for their tool kit. -http://www.Knoppix-STD.org I will not teach you how to use Knoppix/STD. That's why i gave you the links! Your best friend in learning is Http://google.com! Learn it, Use it, and you get smarter! Now that you know just what Knoppix/STD is, you can get started! First, you'll need to get access to the PC. Do whatever you see as "ok" to gain access. then follow these steps: 1. Boot up the computer 2. While the computer is booting, press f8 or f12, it depends on the computer, most of the time, so just press F** buttons, and you should get it! 3. When you find the right F** button, you will be given a list of boot options. Select the "Boot From CD-ROM" or something similiar (make sure you have inserted the Knoppix/STD CD). 4. This will boot you into knoppix, bypassing WinXP altogether! 5. Knoppix will automatically "mount" your hard drive, so you don't have to. 6. Once in Knoppix, open a shell, and type: "cd /mount" 7. Navigate to "windows/system32/config/" directory 8. Copy the SAM file to the USB flash drive or Floppy 9. Get the hell outta there! Ok, so now you have the SAM file in your pocket and your in the clear. Take the SAM, put it on another Windows machine, and fire up a copy of SAMinside (http://www.topshareware.com/SAMInside-download-5188.htm). This will extract the hash. When you have the hash, open up LC5 (http://www.atstake.com/products/lc/). This will bruteforce the hash, and when it finds the matches the correct hash marks, it will display the original pass! ##################################################################################### Well, you've just completed my tutorial on recovering the SAM file using Knoppix/STD! Try it out a few times, and make sure you got it, before you try to show your friends how "1337" you are, and make an ass of yourself. Well, that's all, and remember, i'm not responsible with what you do with the information provided in this tutorial. Do what you will, and happy hash hunting! Http://Binary-Universe.tk/
Zugg
n00b
 
Posts: 4
Joined: Sun Sep 26, 2004 7:21 pm
Website: http://binaryuniverse.no-ip.com
Yahoo Messenger: Zuggalo1189
AOL: Zuggalo1189
Location: Tennessee

Postby IceDane » Wed Dec 22, 2004 6:13 pm

Very nice.

As I have stated before, at the other 384 million sites you've posted this on.

-Ic3D4ne
User avatar
IceDane
Because I Can
 
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Postby Net Battle Bot » Wed Dec 22, 2004 6:28 pm

You are indeed fortunate if you see "CD-ROM" on the boot menu.
Without practice one cannot prove; without proof one cannot be trusted; without trust one cannot be respected.
User avatar
Net Battle Bot
Owns you
 
Posts: 1816
Joined: Fri Jun 04, 2004 6:44 am
Location: Groom Lake

Postby GhostHawk » Wed Dec 22, 2004 6:29 pm

It was well written, but not needed. There have been a million other guides identical to this. But whatever.
Opinions are like ass holes, everyone has one. It is also my opinion, that I am an ass hole.
User avatar
GhostHawk
Ex-Mod
 
Posts: 1447
Joined: Wed Jul 30, 2003 12:10 am
ICQ: 231821255
Website: http://www.xpango.com?ref=91423378

Postby Prism » Wed Dec 22, 2004 6:55 pm

It's really just a set of instructions, there is no theory..

stuff that you should have included:

-why you have to use a bootable operating system?
-ntfs file system...
-what is a hash? what sort of encryption does windows nt use?
User avatar
Prism
Owns you
 
Posts: 1618
Joined: Thu May 06, 2004 9:18 am

Postby ih827 » Thu Dec 23, 2004 3:09 am

It's really just a set of instructions, there is no theory..

stuff that you should have included:

-why you have to use a bootable operating system?
-ntfs file system...
-what is a hash? what sort of encryption does windows nt use?
can you reply to this Zugg
keeping knowledge free is a full time job
User avatar
ih827
Hacker in Training
 
Posts: 85
Joined: Wed Nov 17, 2004 2:53 am
AOL: makaveliela

Postby netphreak » Thu Dec 23, 2004 7:27 am

Also, I would include a section on how to bypass a BIOS password, because that may/may not be a step in getting the computer to boot to a CD.
Look at the stars, but shoot for the ceiling; it's closer...
When looking for a needle in a haystack, don't start in the middle of a wheat field.
User avatar
netphreak
Owns you
 
Posts: 1300
Joined: Wed Sep 24, 2003 8:31 pm
AOL: netphreak0101
Location: Everywhere and nowhere... all at once

Postby IceDane » Thu Dec 23, 2004 7:41 am

First of all, I completely disagree with all of you.

@ Prism:

This is about how to extract, and crack the SAM file, not about the filesystem NTFS. Although the information about why we need a bootable operating system could be useful.

@ Netphreak:

As I said, this tutorial is about how to extract, and crack the SAM file.
This isn't about how to bypass passwords, the NTFS filesystem, or anything, but how to extract and crack the SAM file.

But I guess it's the author's oppinion that really matters, we should just wait for his reply.

-Ic3D4ne
User avatar
IceDane
Because I Can
 
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Postby netphreak » Thu Dec 23, 2004 9:11 am

Bypassing a BIOS password can be part of the process if you're trying to get into a system with a locked BIOS. Without changing the boot order to check the CD-ROM drive first, then you will barely get past step 1. The lock will defeat you quickly, but if you know how to get around it, then you can proceed with the SAM extraction. I'm just suggesting, it would make the tutorial more complete.
Look at the stars, but shoot for the ceiling; it's closer...
When looking for a needle in a haystack, don't start in the middle of a wheat field.
User avatar
netphreak
Owns you
 
Posts: 1300
Joined: Wed Sep 24, 2003 8:31 pm
AOL: netphreak0101
Location: Everywhere and nowhere... all at once

Postby Prism » Thu Dec 23, 2004 10:17 am

@ Prism:

This is about how to extract, and crack the SAM file, not about the filesystem NTFS. Although the information about why we need a bootable operating system could be useful.
you can't just use any bootable operating system ie. ms-dos because it doesn't have ntfs support

I agree with netphreak, bypassing the bios password would be a good addition
by the way, it look like you got the url wrong
User avatar
Prism
Owns you
 
Posts: 1618
Joined: Thu May 06, 2004 9:18 am

Postby Niels » Thu Dec 23, 2004 5:11 pm

@Prism: http://binaryuniverse.no-ip.com *

As I've said before Zugg, I like it alot.
User avatar
Niels
Sargeant at Arms
 
Posts: 260
Joined: Wed Sep 01, 2004 12:31 am
Website: http://binaryuniverse.net
AOL: Ch4r91
Location: San Francisco

Postby Zugg » Fri Dec 24, 2004 5:54 pm

ok, the tut will be revised.

@Prism: no i didn't get the URL wrong, we stopped using it. it just occured to me to post it here. i wrote it quite a while ago.

as all of you can see from the size and caliber of it, it was meant to BASIC. that's why there isn't a shitload of imformation in it. anyway, i don't really care. every other place i posted it sayed it was good, and some even posted it in their tut section on the main website, but w/e.
Last edited by Zugg on Fri Dec 24, 2004 6:25 pm, edited 1 time in total.
Zugg
n00b
 
Posts: 4
Joined: Sun Sep 26, 2004 7:21 pm
Website: http://binaryuniverse.no-ip.com
Yahoo Messenger: Zuggalo1189
AOL: Zuggalo1189
Location: Tennessee

Postby netphreak » Fri Dec 24, 2004 5:57 pm

It was still a good beginner tutorial, well written. These were just suggestions to help with a more COMPLETE version of the tutorial.
Look at the stars, but shoot for the ceiling; it's closer...
When looking for a needle in a haystack, don't start in the middle of a wheat field.
User avatar
netphreak
Owns you
 
Posts: 1300
Joined: Wed Sep 24, 2003 8:31 pm
AOL: netphreak0101
Location: Everywhere and nowhere... all at once

Postby kka_kenny » Sat Dec 25, 2004 10:35 am

Yes I like it short guides are always best.
It starts with with a simpl[e] lie then you die.
User avatar
kka_kenny
Your Senior
 
Posts: 901
Joined: Sat May 15, 2004 5:42 pm


Return to ā€œ%sā€ Windows Tutorials

Who is online

Users browsing this forum: No registered users and 0 guests

cron