I previously demonstrated Ophcrack which is a Windows password cracker that uses pre-computed hashes to match the password hash from the target machine's dumped SAM table. Password reset is as the name suggests substituting the password hash from the target machine's dumped SAM table so that you can stipulate the password that you wish to use.
My weapon of choice for password reset is Offline NT Password & Registry Editor. The tool's name is misleading as it supports newer OSs like XP and Vista. You can burn it into a bootable CD or utilize a boot disk. In my demo, I boot the target machine off a CD. I follow the tool's instructions before specifying a blank password. Once the new password is saved, I am able to enter the target system using a blank password.
The high res version of this demo can be downloaded here.
Each method has its pros and cons. Password cracking is time consuming but does not alert the adminstrator as the system password remains unchanged. Password reset is fast but is too obvious when the administrator cannot log into his system.
Subscribe to:
Post Comments (Atom)
VMware Workstation Pro is now free for personal use!!!
VMware Workstation Pro is now free for personal use!!! However, it was not straight forward to install on Ubuntu as I encountered error mes...
-
This annoying message popped up after I ran the update in avast! in Ubuntu yesterday. avast! crashes every time I attempt to launch it after...
-
I decided to install a digital certificate for my Gmail account. This is simple and free to set up. Apply for a free certificate from Comod...
No comments:
Post a Comment