Help me get control of my computer back!!! Admin password changed and no longer can do anything...

[Metalloid]

So a bunch of people came over last night to watch the U of M game, and I let a few people get on my computer. One of the guys is pretty smart, but a real jackass, so he decided to change my administator password (I have no idea how he did it but that isn't the point), and then take the main account that I use and change it from the administrator group to the users group. So I no longer have control of my computer. I downloaded the demo for a password cracker to recover it, but what do you know? I can't install the freakin program because I am only a user now.

I know that posting info on how to get my computer back (without reinstalling windows) isn't something that we want posted on ATOT, but I was thinking that anyone who wants to help me out could PM. Thanks for any advice you can give.

 

[conjur]

Call the guy that did it?





Or just install Windows into a new folder.

 

[HappyPuppy]

Call MS.

 

[PowerMacG5]

http://home.eunet.no/~pnordahl/ntpasswd/

 

[spanky]

check ur pm

 

[Kanalua]

Use KraziKid's prog., then go to the guys house and beat the crap out of him.

 

[PowerMacG5]

You can use the program I suggested a few posts up, which works pretty much all the time, or you can do this. If you have another computer sitting around, mount the HDD in it, and then use LC4 (l0phtcrack) or jack the ripper on the SAM file (%systemroot%\system32\config\SAM) and it will give you the password. Thr program I gave you will reset the password. Oh yeah, do what Kanalua said, and beat this kid silly.

 

[spanky]

Originally posted by: KraziKid
If you have another computer sitting around, mount the HDD in it, and then use LC4 (l0phtcrack) or jack the ripper on the SAM file (%systemroot%\system32\config\SAM) and it will give you the password.

hmm... i haven't tried that before. thanx for the tip

 

[PowerMacG5]

Originally posted by: spanky

Originally posted by: KraziKid If you have another computer sitting around, mount the HDD in it, and then use LC4 (l0phtcrack) or jack the ripper on the SAM file (%systemroot%\system32\config\SAM) and it will give you the password.

hmm... i haven't tried that before. thanx for the tip

No prob. The SAM file is a registry hive where the encrypted passwords are kept (similar to /etc/passwd in *NIX). These passwords are encrypted using Lan Man and NTLM hashes. There are some tips you can use to make the hashes invalid, therefore making the LC4 or Jack method pretty much impossible. For example, a 15 character or more string makes the Lan Man hash invalid, and ASCII values not in the extended tree also makes them invalid. Although some of these methods can be overcome be using the NTLM hash (which preserves caps and some ASCII values), but otherwise those are good tips. 15 characters or more, and ASCII values not in the extended table.

 

[Metalloid]

Alright I burned that .iso and am rebooting now to try it.

 

[Metalloid]

Alright I got it back to normal, now to go beat that kid senseless. Thanks for the help guys.

 

[PowerMacG5]

Originally posted by: Metalloid
Alright I got it back to normal, now to go beat that kid senseless. Thanks for the help guys.

No prob. Glad I could help.

 

[Mingon]

I found it easier to just delete the sam file after booting with win98 floppy

 

[crumpet19]

linux boot disk

 

Dont let others f@ck with your puter