windows password

This is the place to bitch, bash, and get help with all things Windows.
Post Reply
ramiia
Corporal
Posts: 129
Joined: Mon Jul 16, 2007 11:23 pm
Location: Sampo 69

windows password

Post by ramiia » Sat Nov 02, 2013 6:48 am

ok here is the story, I changed laptop's admin password and an hour later I seemed to failed what is current password (somehow I might have slipped my finger/s into different button--twice ((for the confirmation of new password))

I tried for a day to reset the password using net user but I only have a guest log in enable which have no admin privilege, so I tried to system restore it, it is taking too long to wait so I decided to hit the sack earlier today I noticed that the laptop is turned off I check the power cable only to find out it wasn't plugged-in properly... I cold booted laptop after windows logo the screen is blacked out even in safemode.

so I have two problems.

1. to reset my account password and
2. to fix blackscreen

currently I am downloading a fresh copy of win 7 ultimate installer --- hoping to fix those two

I am open for suggestions---can i use ubuntu to reset windows admin password? any other programs that can sniff my password? like ophcrack something? (it only worked on my win xp though last 4 years ago)


HELP!

User avatar
Cool_Fire
Not a sandwich
Posts: 1888
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: windows password

Post by Cool_Fire » Sat Nov 02, 2013 7:15 am

Depending on the complexity of your pass you could try to crack it with something like ophcrack.
You could also try setting a password you know and copying over the password hash from a live cd but I've never actually tried that. I'm just sort of theorizing it might work.

Black screen issue:
Don't know, could be a lot of things. See if it boots a live cd to figure out if it's a hardware or a software issue.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

ramiia
Corporal
Posts: 129
Joined: Mon Jul 16, 2007 11:23 pm
Location: Sampo 69

Re: windows password

Post by ramiia » Sat Nov 02, 2013 11:46 am

I never have had a blackscreen issue in my laptop before whilst in desktop it's a different story....

my password contains 3 number 6 letters and 2 special characters (i dont think combine upper and lower cases though)

well with ophcrack, I only manage to be successful using it in my win xp desktop and I failed to use it in win7 4 years ago

edit 1: will try to copy ophcrack to a flash drive hope it will work

edit 2: why is irc (web-based) is kicking me out every 5 minutes or so...?

User avatar
Cool_Fire
Not a sandwich
Posts: 1888
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: windows password

Post by Cool_Fire » Sat Nov 02, 2013 12:08 pm

ophcrack for XP is a different one that for Vista/7. It has a lower success rate than the XP one for reasons of changed default hash storage since Vista.

As for the web IRC: Because it's a crappy web IRC. Try mibbit.
It may just be your connection though. I've used it successfully for times greater than 5 minutes before.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

User avatar
Fatal_Exception
Strike 1
Posts: 138
Joined: Sat Dec 27, 2003 4:52 pm
Location: 127.0.0.1
Contact:

Re: windows password

Post by Fatal_Exception » Mon Jan 06, 2014 3:26 pm

You can download and burn an iso of Offline NT Pass Changer
http://pogostick.net/~pnh/ntpasswd/

OR You can use Hirens BootCD to reset passwords ins 2000/XP/Vista/2003/2008/7
http://www.hiren.info/pages/bootcd

From another computer download the iso and use a program like isoburner/cdburnerxp to burn the iso. Place in the laptop and hit F12/F8/ESC or sometimes it says press ? to change boot order. Once the cd loads it should be on the front page, Offline NT Pass Changer.

If you have utorrent, you can also google, MRI 5.7.2 torrent and find the geeksquad boot cd which has many automated tools.

CdBurnerXP: https://cdburnerxp.se
Did you know that there are over 2 million people addicted to warez? I'm #323,097!

User avatar
Thor
htd0rg lieutenant
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Re: windows password

Post by Thor » Thu Jan 09, 2014 5:12 pm

Fatal_Exception wrote:You can download and burn an iso of Offline NT Pass Changer
http://pogostick.net/~pnh/ntpasswd/

OR You can use Hirens BootCD to reset passwords ins 2000/XP/Vista/2003/2008/7
http://www.hiren.info/pages/bootcd

From another computer download the iso and use a program like isoburner/cdburnerxp to burn the iso. Place in the laptop and hit F12/F8/ESC or sometimes it says press ? to change boot order. Once the cd loads it should be on the front page, Offline NT Pass Changer.

If you have utorrent, you can also google, MRI 5.7.2 torrent and find the geeksquad boot cd which has many automated tools.

CdBurnerXP: https://cdburnerxp.se

Interesting idea about the Geeksquad disk. I've heard that they expire. I guess they look at the bios date/time? I guess a way around this is simply setting the clock backwards...Looking at TPB, there seem to be multiple versions.

In other news, I am also about to do a admin pass reset on one of my lap tops tonight. I acquired the laptop and setup a separate admin account with associated password, and promptly forgot the password lol. Of course my 'clue" is always vague. Now though, I have done this 3-4 times in the past year. I recently used a tool on Kali to do this, and previously used Backtrack. I can post my actual steps here later on if you guys want them.
Last edited by Thor on Thu Jan 09, 2014 5:27 pm, edited 1 time in total.
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.

Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us

User avatar
Cool_Fire
Not a sandwich
Posts: 1888
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: windows password

Post by Cool_Fire » Thu Jan 09, 2014 5:16 pm

Thor wrote:I can post my actual steps here late one if you guys want them.
Please do. Though most of us probably know already, it's always useful to have a reference for this online.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

User avatar
Thor
htd0rg lieutenant
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Re: windows password

Post by Thor » Wed Jan 15, 2014 3:53 am

Cool_Fire wrote:
Thor wrote:I can post my actual steps here late one if you guys want them.
Please do. Though most of us probably know already, it's always useful to have a reference for this online.
I am, im getting around to a generic "writeup" on it. There are a few general ways to do this as im sure you are aware. I'm sort of revisiting this topic personally and im going to filter out what is good and what is not for the would be Windows password cracker out there.
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.

Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us

jacklotm
n00b
Posts: 1
Joined: Tue Feb 18, 2014 5:39 am

Re: windows password

Post by jacklotm » Tue Feb 18, 2014 5:51 am

Hi ramiia! Give a try with PCUnlocker, which can run from a CD or USB drive. Boot your laptop from it and it allows you to remove a lost Windows password in no time. But before getting started, you need to make a PCUnlocker CD using another computer which you have access to. Good luck!

Best Wishes,
Jack

User avatar
Cool_Fire
Not a sandwich
Posts: 1888
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: windows password

Post by Cool_Fire » Sun Feb 23, 2014 5:55 am

jacklotm wrote:Hi ramiia! Give a try with PCUnlocker, which can run from a CD or USB drive. Boot your laptop from it and it allows you to remove a lost Windows password in no time. But before getting started, you need to make a PCUnlocker CD using another computer which you have access to. Good luck!

Best Wishes,
Jack
Please note this is not free software. There is a trail version but I'm not sure how that's limited in it's functionality but from the comments I've read it doesn't seem to be especially useful.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

User avatar
Thor
htd0rg lieutenant
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Re: windows password

Post by Thor » Sat Mar 08, 2014 11:27 am

I have been especially busy lately and have been traveling, so I haven't gotten to a writeup just yet. And im not sure after using a variety of tools that what I was originally going to put out is as relevent now. I think a list of current, relevent password tools would be more useful now. However, I have had a couple of more laptops come into my possession needing unlocking, running WIndows 7. One of the best approaches I have been using for any sort of maintenance as well as password bypassing on these is simply using what is included in Hirens Boot cd; when you have physical access to the machine.

I put Hirens on a bootable USB and it simply makes tasks like this much easier. You don't really need to fool around with rainbow tables and the more technical security tools out there that I typically would go to for this. The task has been made easier over the years (was it ever truly difficult?). You can simpy either clear the password to blank, do that and reset it to something else or bypass it entirely with a few tools included like Konboot or the awesome "Offline NT/2000/XP/Vista/7 Password Changer". One of the more interesting things you can do with that is adjust account priveledges as well with that last tool.

http://www.hirensbootcd.org/resetting-windows-password/

edit: one of the ideas I had was to make flowchart for Windows password bypassing that might cover a variety of situations...
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.

Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us

User avatar
Cool_Fire
Not a sandwich
Posts: 1888
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: windows password

Post by Cool_Fire » Sat Mar 08, 2014 12:03 pm

I think it is worth noting that if you just need to get access to the machine then resetting the pass is probably the way to go. However if you need to be undetected in your access, or if you have a range of targets, recovering a password is usually preferable since it may give you more information and it may be reused in other places.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

User avatar
Thor
htd0rg lieutenant
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Re: windows password

Post by Thor » Fri Mar 14, 2014 10:26 am

Cool_Fire wrote:I think it is worth noting that if you just need to get access to the machine then resetting the pass is probably the way to go. However if you need to be undetected in your access, or if you have a range of targets, recovering a password is usually preferable since it may give you more information and it may be reused in other places.
This is an excellent good point. One I hadn't really gave thought to lately because I have essentially just been forcing myself into boxes. I would bet money that whatever Windows password I discovered on the majority of the the boxes would be the same password used for many other accounts. On occasion I have used a password dump tool within Hirens as well, to see what web passwords are cached, usually they are all the same for multiple accounts listed. I think this is true for many normal users.
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.

Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us

ramia
n00b
Posts: 2
Joined: Sat Aug 23, 2014 4:31 am

Re: windows password

Post by ramia » Sat Aug 23, 2014 4:47 am

apologies for the late response, as I was checking if my main account were banned or something, lucky it is not, seems like my password got reset or something, anyway back to topic;

what I did was enable the sticky keys to run command prompt (shift key 5 times) from there changed my account password ~~ I forgot what commands I used though, also I remembered using hiren back then

thank you for the suggestions

cgcartz
n00b
Posts: 1
Joined: Tue Jan 30, 2018 9:46 pm

Re: windows password

Post by cgcartz » Tue Jan 30, 2018 10:05 pm

You can download and burn an iso of Offline NT Pass Changer
http://pogostick.net/~pnh/ntpasswd/

OR You can use TunesBro to reset passwords ins 2000/XP/Vista/2003/2008/7
https://www.tunesbro.com/reset-windows-7-password.html

From another computer download the iso and use a program like isoburner/cdburnerxp to burn the iso. Place in the laptop and hit F12/F8/ESC or sometimes it says press ? to change boot order. Once the cd loads it should be on the front page, Offline NT Pass Changer.


It seems NT Password no longer works for Windows 10. Any alternative?
Last edited by cgcartz on Fri Mar 09, 2018 1:53 am, edited 1 time in total.

User avatar
Cool_Fire
Not a sandwich
Posts: 1888
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: windows password

Post by Cool_Fire » Wed Jan 31, 2018 3:25 am

It depends on what your purpose is.

You can try kon-boot to bypass the login, but you won't get the password out.

Or you can try dumping the hashes with a tool that supports the new format for windows 10 password storage. I think mimikatz should be able to do this. Other tools will likely add support sooner or later.
Either way if you're dumping hashes you won't be able to take advantage of the Ophcrack rainbow tables anymore so you're back to brute force and dictionary attacks.

I don't know off hand if john the ripper or hashcat have implemented support for the new windows 10 format yet but either way you may be in for a long hash cracking session.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

Post Reply