[CentOS] Re: Breaking Windows XP user password?

Thu Jan 24 17:03:53 UTC 2008
Scott Silva <ssilva at sgvwater.com>

on 1/24/2008 6:10 AM Scott Ehrlich spake the following:
> Granted this is not a UNIX system, but in case there is a UNIX tool to 
> accomplish the goal...
> 
> I am looking for a bootable CD/DVD (or application to be placed on a 
> CD/DVD to be made bootable) that can let me mount a Windows XP 
> drive/partition (SP1 or SP2), and force-crack the admin password (even 
> if admin account name has been changed, but I know what it has been 
> changed to).  The application cannot write to the hard drive - only 
> mount it read-only, read the password file into ram, and show the 
> cracked password.
> 
> I know I can use the pnordahl utility to try and force-change the 
> password, but I actually want to crack it.
> 
> The utility should be free.
> 
> This is a legal request.
> 
> Thanks for leads.
> 
> Scott
XP passwords are stored as hashes. You need to brute-force guess and compare 
the created hashes to the stored ones.
If the user has the same password stored in programs like outlook express, 
that is much easier.

But forensically, changing the password to gain access is usually sufficient. 
  Knowing the original password is not that valuable in a legal scenario, as 
you will need a warrant anyway to access anything else that might be protected 
by that password.

If it is that critical, find a certified PC forensics specialist. One misstep 
on your part will make the evidence worthless in court.

-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20080124/08e55717/attachment-0005.sig>