Jump to content
Science Forums

Using chntpw

TINNY
 Share

Recommended Posts

TINNY Newbie

TINNY

Posted
  • Author
Posted

alex, that site is blocked by the server, same as with all other sites that has to do with windows hacking.

 

anyway, the problem when i use chntpw is that the error 'bad file descriptor' when i give the folllowing command:

chntpw -u Administrator sam

Link to comment
Share on other sites
alexander Newbie

alexander

Posted
Posted

umm, ok, a few things there tinny...

ok, one, why do you want to get the admin password? you can just reset it, I doubt you use windows EFS for anything, pretty much nobody does, so you are better off with resetting the password via hash insertion. Two, you'd have to check with the DMCA, but I'm pretty sure that decrypting someone elses (and maybe your) SAM file is sort of agains the law. And finally, if you have the file, the only util (that i know) to cark the windows hash file is loftcrack, i think only available for windows, oh and it takes a long while... so...

Link to comment
Share on other sites
TINNY Newbie

TINNY

Posted
  • Author
Posted

DMCA is Digital Millennium Copyright Act. It's all about copyright law. Decrypting SAM files has nothing to do with copyright.

 

Hmm, so it's loftcrack eh? I'll check it out. Thanks. You're ever so resourceful.

 

Anyway,

you can just reset it, I doubt you use windows EFS for anything, pretty much nobody does, so you are better off with resetting the password via hash insertion
how do you reset the password via hash insertion? I thought it wasn't possible to reset it if it is encrypted on winxp.
Link to comment
Share on other sites
Buffy Rookie

Buffy

Posted
Posted
DMCA is Digital Millennium Copyright Act. It's all about copyright law. Decrypting SAM files has nothing to do with copyright.
Actually no, the DCMA specifically prohibits defeating *any* encryption mechanism, whether its being used to protect a copyright or not... Thanks Mr. Ashcroft!

 

Cheers,

Buffy

Link to comment
Share on other sites
TINNY Newbie

TINNY

Posted
  • Author
Posted
Actually no, the DCMA specifically prohibits defeating *any* encryption mechanism, whether its being used to protect a copyright or not... Thanks Mr. Ashcroft!
well, that would really stall the development of stronger encryption...

I don't understand. Why would defeating encryption mechanism be prohibited? Why not just say that any act of obtaining private information be prohibited?

Link to comment
Share on other sites
Buffy Rookie

Buffy

Posted
Posted
well, that would really stall the development of stronger encryption...

I don't understand. Why would defeating encryption mechanism be prohibited? Why not just say that any act of obtaining private information be prohibited?

To increase the power of the law enforcement authorities. All you have to do is show someone was trying to break something using a method that *might* be used nefariously, and it prevents it from falling into the wrong hands, even if the person breaking the encryption had only altruistic motives.

 

There was a guy who broke the encryption that Adobe built into PDF format about a year ago, even though he wasn't stealing anything, just proving that they encryption mechanism was weak and should be improved. Adobe finally figured out that the bad PR was not worth it and decided not to press charges so the Feds had to back off.

 

Cheers,

Buffy

Link to comment
Share on other sites
alexander Newbie

alexander

Posted
Posted
DMCA is Digital Millennium Copyright Act. It's all about copyright law. Decrypting SAM files has nothing to do with copyright.
the DCMA specifically prohibits defeating *any* encryption mechanism, whether its being used to protect a copyright or not

I love you Buffy, you are so resourceful and handy :note:

P.S. tinny, I would not have specified DMCA unless i was pretty sure that there really was something in there prohibiting decryption, and possibly specifically dealt with password hashes, I do know what DMCA is, and at one point even started reading it, with no success, i had better things to do...

anyways, its lophtcrack, also spelled l0phtcrack, its not free and the new ones dont have trial, and i was only able to find version 2 (trial) on torrentsearch (try searching for LC2)

anyways, you can also convert that SAM to a unix password file and run it through john... both ways are pretty slow and i think you'd be better off with juyst replacing the hash...

Link to comment
Share on other sites
alexander Newbie

alexander

Posted
Posted

hmm, let me try and explain, you see Tinny, a hash is a jumble, when you hash something you chop it into pieces and in CS hash refers to hash tables, which are an assocoative array that associates keys with values, and that is basically why it is a favorite way, for microsoft, to store their passwords. The technique of inserting new passwords for already existing accounts in microsoft is called hash insertion, and can be done from within knoppix std via ntpasswd, and most people who need access to their accounts and dont remember their passwords will do just the hash insertion, because they dont use EFS (microsofts encrypted file system). The only reason to actually decrypt a sam file would be only to gain access to the EFS-"protected" files, but to a normal user, just resetting their password should be more than sufficient...

Link to comment
Share on other sites
TINNY Newbie

TINNY

Posted
  • Author
Posted

i don't think my knoppix std has ntpasswd. would it be possible for you to attach the program and PM to me? I can't open certain sites, especially sites on windows hacking coz it's blocked by the admin at my computer lab.

Thanks..

Link to comment
Share on other sites
C1ay Newbie

C1ay

Posted
Posted
c1ay, that site is also blocked. I cannot access it. It'd be good if you could PM it or email the file.

Can you get to the site through a free proxy like Anonymouse? Try this link. There are more anonymizers here you could try as well. Just go to the proxy and put in the address to redirect to. The address you want is http://home.eunet.no/~pnordahl/ntpasswd/ The site has the instructions, different images, release notes and other info that could be useful. It would be hard to reproduce all of it to PM you.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...