Getting Hashes

[Masquerade]

Hey everyone

I got a dell computer from a more or less stranger. Only a guest account is avalaible. I successfully installed Ophcrack on this machine (what comes with pwdump6). The only problem is that the AntiVirus protection prevents me from fetching the hash.

. It seems quite useless to me to try random hash dumpers. So my question is, if there is any other way to get the hash. The Anitvirus protection is called G DATA AntiVirus Client.

Thanks a lot!

benny

[Sparda]

I'd reinstall Windows

[ls]

yep, the best would be to reinstall your os since it will be probably full of virusses and random junk

[digip]

BUT if you wanted the password, run Ophcrack off the live cd. No antivirus can protect against it since it will not be running. I never heard of "installing" Ophcrack to get a windows password. Either way, once you get the password, its useless, since if there were files you wanted to see, you could easily copy anthing off the machine while in a live disc state to an external HDD drive or USB flash drive. Then resintall windows, as stated above, never use someoen elses account as you do not know what kind of malware is on there.

The guy who gave it to you should have at least kept the HDD or at minimum dban'ed it before giving it to someone.

[Masquerade]

I already tried the live CD. The problem is, that i dont have the ability to boot from CD ROM; i dont know the BIOS password. And it doesnt seem like there are backdoor/master passwords for the dell optiplex.

[Sparda]

Open up the computer and clear the CMOS by disconnecting the computer from the mains taking the battery out for 10 seconds.

[gEEEk]

I think you are referring to L0phtcrack.

Which is a program you run INSIDE Windows.

Clear the CMOS as mentioned. And then boot into OphCrack,

via a CD or a Pendrive.

Try if the administrator account is active, and hopefully without a password.

By pressing CTRL ALT DELETE at the login screen.

[digip]

Try the CMOS battery removal, which should remove any bios password. If its shadowed on the HDD, then try http://www.freelabs.com/~whitis/security/backdoor.html or http://www.xs4all.nl/~matrix/mpwlist.html

[Masquerade]

Thanks a lot!

I will try this.

Is there any way to get the password without physical access?

[Sparda]

Find the stranger and ask them what it is.

[Masquerade]

Find the stranger and ask them what it is.

hes already gone. i got the machine on a market where people sell old stuff they dont need anymore.

[x5h4d0wx]

Hey everyone

I got a dell computer from a more or less stranger. Only a guest account is avalaible. I successfully installed Ophcrack on this machine (what comes with pwdump6). The only problem is that the AntiVirus protection prevents me from fetching the hash.

. It seems quite useless to me to try random hash dumpers. So my question is, if there is any other way to get the hash. The Anitvirus protection is called G DATA AntiVirus Client.

Thanks a lot!

benny

not sure whether or not youve decided to do anything to this pc yet, but if you are still locked out of it, i always try a more simplistic approach to breaking into windows accounts.

If you restart your pc, and press either f8 or f12 usually its one or the other you can load windows in safe mode. once in safe mode you will be brought to the windows logon screen where you can choose which account you can log into. but now instead of the usually visible accounts there is typically a extra Administrator account available now that is usually hidden. most of the time this account goes hidden and unnoticed by the basic pc user, so it typically doesnt have a password. once you log in you can remove passwords from other user accounts. now if this is someone elses computer and you dont want them to know about you breaking in then i dont recommend this approach.

[Masquerade]

Thanks, ill try this also next time.

[aeturnus]

I'd reinstall Windows

If you just want access, what's wrong with simply reinstalling?