on 1/24/2008 6:10 AM Scott Ehrlich spake the following: > Granted this is not a UNIX system, but in case there is a UNIX tool to > accomplish the goal... > > I am looking for a bootable CD/DVD (or application to be placed on a > CD/DVD to be made bootable) that can let me mount a Windows XP > drive/partition (SP1 or SP2), and force-crack the admin password (even > if admin account name has been changed, but I know what it has been > changed to). The application cannot write to the hard drive - only > mount it read-only, read the password file into ram, and show the > cracked password. > > I know I can use the pnordahl utility to try and force-change the > password, but I actually want to crack it. > > The utility should be free. > > This is a legal request. > > Thanks for leads. > > Scott XP passwords are stored as hashes. You need to brute-force guess and compare the created hashes to the stored ones. If the user has the same password stored in programs like outlook express, that is much easier. But forensically, changing the password to gain access is usually sufficient. Knowing the original password is not that valuable in a legal scenario, as you will need a warrant anyway to access anything else that might be protected by that password. If it is that critical, find a certified PC forensics specialist. One misstep on your part will make the evidence worthless in court. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 187 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080124/08e55717/attachment-0005.sig>