NT Password

[FOBSIDE]

I was installing Office 2000 onto an NT 4.0 workstation and the machine decided to reboot halfway through the install while I was sitting there watching the meter go up. I don't know what these people do with their machines to cause something like this to happen! This is not my machine and basically no one can log into the machine now. The administrator password is unknown because there have been so many administrators here in the department that no one has any idea. Basically I'm locked out of this machine and I was wondering if there's anyway to get into the machine.

 

[FOBSIDE]

Nevermind...we guessed the password. But just for information is there a way to get in anyway? I know there are some cracks but some of the Service Packs fix that.

 

[kyoshozx]

If the Machine is on the domain change the password in the user manager for domains on the server.

If it's not on the domain and you don't know the password basically there isn't an easy way of logging into the machine.
If the harddrive's file system is FAT then you can copy the ACL and use some program to hack the encrypted password, this can be extremely time consuming since the only way of hacking it is by brute force. If the harddrive's file system is ntfs you wont be able to access the hard drive.
I do remember reading other ways of getting into NT but nothing simple. They usually do require reinstallation of NT itself.

So basically dont' forget your password or you're basically screwed =P

 

[jsm]

Hmm.. I believe there are quite a number of simply workaround for forgetting a password.

Here are some simple solutions I can think of.

1. If the hard drive is formatted in FAT, just boot off a floppy, find a file called SAM (dir /s SAM) and delete it, rename it - whatever you feel like doing to it. Then, reboot minus the floppy and log in as administrator with no password. Voila!

2. If the machine is formatted in NTFS, you are going to need something like NTFSDOS which costs money. There is a free version I have seen on some h4XX0R web sites, but it is a read only version - so don't waste your time. Anyhow, if you want the read/write version, you need to go to www.sysinternals.com. Boot up with a bootable CDROM at this point (I make it with Nero and a 98 boot floppy) then run NTFSDOS. Then, find that evil SAM and delete it, rename it, whatever tickles your fancy.

C2 security.. heheheh.