Help me get control of my computer back!!! Admin password changed and no longer can do anything...

Metalloid

Diamond Member
Jan 18, 2002
3,064
0
0
So a bunch of people came over last night to watch the U of M game, and I let a few people get on my computer. One of the guys is pretty smart, but a real jackass, so he decided to change my administator password (I have no idea how he did it but that isn't the point), and then take the main account that I use and change it from the administrator group to the users group. So I no longer have control of my computer. I downloaded the demo for a password cracker to recover it, but what do you know? I can't install the freakin program because I am only a user now.

I know that posting info on how to get my computer back (without reinstalling windows) isn't something that we want posted on ATOT, but I was thinking that anyone who wants to help me out could PM. Thanks for any advice you can give.
 

Kanalua

Diamond Member
Jun 14, 2001
4,860
2
81
Use KraziKid's prog., then go to the guys house and beat the crap out of him.
 

PowerMacG5

Diamond Member
Apr 14, 2002
7,701
0
0
You can use the program I suggested a few posts up, which works pretty much all the time, or you can do this. If you have another computer sitting around, mount the HDD in it, and then use LC4 (l0phtcrack) or jack the ripper on the SAM file (%systemroot%\system32\config\SAM) and it will give you the password. Thr program I gave you will reset the password. Oh yeah, do what Kanalua said, and beat this kid silly.
 

spanky

Lifer
Jun 19, 2001
25,716
4
81
Originally posted by: KraziKid
If you have another computer sitting around, mount the HDD in it, and then use LC4 (l0phtcrack) or jack the ripper on the SAM file (%systemroot%\system32\config\SAM) and it will give you the password.

hmm... i haven't tried that before. thanx for the tip :D

 

PowerMacG5

Diamond Member
Apr 14, 2002
7,701
0
0
Originally posted by: spanky
Originally posted by: KraziKid If you have another computer sitting around, mount the HDD in it, and then use LC4 (l0phtcrack) or jack the ripper on the SAM file (%systemroot%\system32\config\SAM) and it will give you the password.
hmm... i haven't tried that before. thanx for the tip :D

No prob. The SAM file is a registry hive where the encrypted passwords are kept (similar to /etc/passwd in *NIX). These passwords are encrypted using Lan Man and NTLM hashes. There are some tips you can use to make the hashes invalid, therefore making the LC4 or Jack method pretty much impossible. For example, a 15 character or more string makes the Lan Man hash invalid, and ASCII values not in the extended tree also makes them invalid. Although some of these methods can be overcome be using the NTLM hash (which preserves caps and some ASCII values), but otherwise those are good tips. 15 characters or more, and ASCII values not in the extended table.
 

Metalloid

Diamond Member
Jan 18, 2002
3,064
0
0
Alright I got it back to normal, now to go beat that kid senseless. Thanks for the help guys.
 

Mingon

Diamond Member
Apr 2, 2000
3,012
0
0
I found it easier to just delete the sam file after booting with win98 floppy