Obtaining windows admin.
-
- n00b
- Posts:2
- Joined:Sun Sep 06, 2009 10:19 pm
My friend's computer recently got a program put on it called "Salfeld Child Control 2009". The program basically limits him to web browsing. Installations are not possible, nor is Task Manager or even cmd... We do not know the admin's password, so we tried accessing safe mode to go into the default admin account, but for some reason his computer auto shut down at the safe mode start-up screen. Are there any solutions to obtain the Windows admin rights apart from the cmd hack, which is not viable because cmd is disabled... Or a keylogger which requires no install? Thanks.
-
- n00b
- Posts:10
- Joined:Sat Jun 27, 2009 1:57 pm
Re: Obtaining windows admin.
I am going to assume that your friend is the rightful owner of the computer.
Note: I am using Windows XP. This process may vary slightly for Windows Vista.
All you need to do is download a live CD version of Linux and burn it. You will be able to use the live CD to boot in to Linux which will give you unrestricted access over the hard drive. Locate where the Windows file system has been mounted. (tip: Look in the /mnt directory).
If you can not find it, try issuing this command:
Code:
mount /mnt/hda1
Navigate to the following directory:
C:/windows/system32/config/
It might look something like this:
Code:
cd /mnt/hda1/WINDOWS/system32/config
Look for a file called SAM. This file contains the hashed passwords for all accounts on the system. If you delete this file, all of your passwords will be reset to blank.
Code:
rm /mnt/hda1/WINDOWS/system32/config/SAM
When you are finished, restart the computer and take the CD out of the drive. You will boot back in to Windows and everything is exactly as it was. ...except the password file.
I hope this information helps.
Arch
- Aiden
- Administrator
- Posts:1080
- Joined:Tue Oct 31, 2006 11:11 pm
- Location:/usr/bin/perl
Re: Obtaining windows admin.
If you can boot to a CD, it might be worth looking into just booting to Linux just for general use, too. You can mount a USB drive if you need to keep data persistent between sessions as well. Just a thought.
"When it takes forever to learn all the rules, no time is left for breaking them."
-
- n00b
- Posts:5
- Joined:Thu Aug 06, 2009 11:52 pm
Re: Obtaining windows admin.
You could also check out Kon-boot.
- Thor
- htd0rg lieutenant
- Posts:440
- Joined:Tue Dec 18, 2007 9:39 am
- Location:Location Location
Re: Obtaining windows admin.
All the posts above are good advice. One thing about resetting a password to blank is, of course, that the person who originally set it will eventually find out, especially if this is at home or something like that.
For purposes of just getting the password fairly quickly, I would say use something like BackTrack. I know it has everything you need to dump the SAM file and decrypt it.
For purposes of anonymity, I recommend using Druspth's idea of using any other Linux live CD, and saving files to a USB while booted into the live distro. You'll find BackTrack to be sort of a live distro. You'll also find a few more ways to get that coveted XP pass. BackTrack is easy though. I am gonna imagine that you don't have the required privileges to install keyloggers and anything at all probably.
- SLaX
- Apprentice
- Posts:44
- Joined:Fri Aug 17, 2007 2:13 pm
- Location:Somewhere
- Contact:
Re: Obtaining windows admin.
The hard way is to get a hold of the SAM and crack it. But this is good if you don't want to be noticed. What I do for work is use WinKey. It basically does what Arch said, but in a matter of seconds. It's 180 dollars if you want to buy it, but I don't condone warez on public forums. :D
- rundata
- n00b
- Posts:13
- Joined:Sat Sep 26, 2009 12:36 am
- Location:stuck in a hoobajoob
- Contact:
Re: Obtaining windows admin.
REMOVED
Last edited by rundata on Thu Jun 09, 2011 7:11 am, edited 2 times in total.
- Cool_Fire
- Not a sandwich
- Posts:1913
- Joined:Fri May 09, 2003 1:20 pm
- Location:41 6d 73 74 65 72 64 61 6d
- Contact:
Re: Obtaining windows admin.
You can also use Kon-boot and bypass the login altogether.
-
- n00b
- Posts:12
- Joined:Thu Aug 20, 2009 11:40 pm
Re: Obtaining windows admin.
Would it not be possible to visit websites based off IP instead of the URL? I guess it would depend on the program blocking the websites.
-
- Hacker in Training
- Posts:53
- Joined:Wed Aug 26, 2009 8:33 am
Re: Obtaining windows admin.
Salfeld Child Control 2009 really gives parents some power. A very good program in families with small children, but surely a pain in the ass if you're above 12 and your parents use the program to the limit. I have no advice on how to get round it other than what has already been given. I only wanted to add things to think about. The program makes it possible for parents to get an email each time that the PC starts up or shuts down, something to think about if there are some time limits added. Be sure that the parents do not have an agreement with the company that delivers the Internet connection that gives them a specified bill like a phone bill, if that is possible in your country.
- dimcode
- n00b
- Posts:6
- Joined:Sun Jun 03, 2012 2:05 pm
Re: Obtaining windows admin.
arch wrote:
> I am going to assume that your friend is the rightful owner of the computer.
> Note: I am using Windows XP. This process may vary slightly for Windows Vista.
> All you need to do is download a live CD version of Linux and burn it. You will be able to use the live CD to boot in to Linux which will give you unrestricted access over the hard drive. Locate where the Windows file system has been mounted. (tip: Look in the /mnt directory).
> If you can not find it, try issuing this command:
> Code:
> mount /mnt/hda1
> Navigate to the following directory:
> C:/windows/system32/config/
> It might look something like this:
> Code:
> cd /mnt/hda1/WINDOWS/system32/config
> Look for a file called SAM. This file contains the hashed passwords for all accounts on the system. If you delete this file, all of your passwords will be reset to blank.
> Code:
> rm /mnt/hda1/WINDOWS/system32/config/SAM
> When you are finished, restart the computer and take the CD out of the drive. You will boot back in to Windows and everything is exactly as it was. ...except the password file.
> I hope this information helps.
> Arch

Okay, this is good advice, but I think that you could change the commands a bit right after you've located and mounted the Windows hard drive:
Code:
mount /mnt/hda1
Code:
cd /mnt/hda1/Windows/System32/
Code:
cp sethc.exe sethc.bak
Code:
cp cmd.exe sethc.exe
You're done. Reboot, then before you log in, press Shift 5 times; a command prompt will appear with System privileges. You can then create another account that gives admin rights. First type:
Code:
net user yourusername yourpassword /add
Code:
net localgroup Administrators yourusername /add
Reboot and then login with your new account. You might want to add a pa
-> [dimCode] <-
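From the defender's side, both offline changes described in this thread (a deleted SAM hive, and cmd.exe copied over sethc.exe with a sethc.bak left behind) leave traces that can be checked on a mounted Windows volume. The following is an added example, not part of any post above; the function names and the constructed sample tree with dummy file contents are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def _find(parent, name):
    """Case-insensitive child lookup (a mounted Windows volume keeps mixed case)."""
    for child in parent.iterdir():
        if child.name.lower() == name.lower():
            return child
    return None


def _sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()


def audit_system32(system32):
    """Return findings for the offline tampering described in this thread."""
    system32 = Path(system32)
    findings = []
    sethc, cmd = _find(system32, "sethc.exe"), _find(system32, "cmd.exe")
    if sethc and cmd and _sha256(sethc) == _sha256(cmd):
        findings.append("sethc.exe is byte-identical to cmd.exe")
    if _find(system32, "sethc.bak"):
        findings.append("sethc.bak backup copy present")
    config = _find(system32, "config")
    if config is None or _find(config, "SAM") is None:
        findings.append("config/SAM hive missing")
    return findings


def build_sample(root, tampered):
    """Constructed sample tree with dummy file contents, for the demo only."""
    s32 = Path(root) / "WINDOWS" / "system32"
    (s32 / "config").mkdir(parents=True)
    (s32 / "cmd.exe").write_bytes(b"constructed-cmd")
    (s32 / "sethc.exe").write_bytes(b"constructed-cmd" if tampered else b"constructed-sethc")
    if tampered:
        (s32 / "sethc.bak").write_bytes(b"constructed-sethc")
    else:
        (s32 / "config" / "SAM").write_bytes(b"constructed-hive")
    return s32


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_system32(build_sample(tmp, tampered=True)):
            print("FINDING:", finding)
```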