Hacking SAM database on offline Windows

      5 Comments on Hacking SAM database on offline Windows

I found too much good information on my 600 feeds in feed demon to not pass some of them onto you…Here’s a nice tool to reset the local admin account if you forget it.

Today I had presentation for my colleagues – they had to prepare few vmware machines for me to test some functionalities…

However there was old local administrator password on these boxes – the one that no one was able to remember…

So I tried to use one of my "oldies goldies" tools called Offline NT Password & Registry Editor. This utility (or should I say Linux distro? ;)) is using known security issues of windows with local SAM file (hope so it is fixed once and for all in Windows Vista).

You can download it here: http://home.eunet.no/pnordahl/ntpasswd/

You download CD image (you can burn it or mount it to virtual CD drive), boot from it, hit enter few times (default configuration) and voila – you local administrator password is empty – and you were able to do it in few minutes….

I know that I shouldnt be happy about such security bug (specially if even SysKey is not able to protect you), however it helped me too many times… And hope so it will help you too 🙂

Hacking SAM database on offline Windows
martin
Wed, 23 May 2007 21:14:00 GMT

[tags]hacking, windows, admin, password[/tags]

5 thoughts on “Hacking SAM database on offline Windows

  1. ianemv

    I did similar when i forgot one of our PC's admin password..i used saminside software, I copied the two files (sam and syskey) from the PC (we forgot the password) and import it to other PC where we installed SamInside.

  2. ianemv

    I did similar when i forgot one of our PC's admin password..i used saminside software, I copied the two files (sam and syskey) from the PC (we forgot the password) and import it to other PC where we installed SamInside.

    1. jayb Post author

      Thanks for the link. Having the video makes it much easier to follow.
      Here’s the direct link from youtube

  3. Usman

    That’s why restricting physical access to the computers is more important than firewalls and other network security .. As a network administrator, this is my first priority .. to restrict physical access to unauthorized hands.

Comments are closed.

Loading Facebook Comments ...