some clearification

[ReDSpideR]

well im trying to fix my Girlfriends fathers PC, he bought it like i'd say 8 months ago. since then he messed with some passwords and now cant get into his main account. I suggested booting the factory settings but he doesn't want too (im assuming to keep his work files)

so i decided to try ophcrack LiveCD, no luck. shortly after some more research i realized vista stores their hashes in LMNT.

anyways, i tried grabbing the SAM hash from the computer with saminside, no luck said something about not having proper admin right/file in use...ect..

so im able to see the account names using OPHcrack Live CD. i guess what im asking is. is it possible to:

1 - load the SAM using Ophcrack LiveCD 1st.. but:

2 - how do i export it to another place so that i can the hash up to Plain-Text.info?

The step im seeking is, how to export the hash string while in the OphCrack LiveCD Enviourment, so i can add it to Plain-Text.info/ Cain BruteForce?

Thank you so much for taking the time to read this.

Regaurds, ReD-SpideR

[Deveant]

hmm i dont care if ur fake or not, this is the easiest way to fix this issue, and doesnt give u the users password, though the tool disk used is illegal and should be killed off after use *cough*.

- download a copy of Hirans Boot Disk (latest version)

- Burn it to a disk, and lod it up on the machine

- go into Password recovery

- use the first tool (cant remeber the name)

- it will then allow you to remove the password on the administrator account (even for Vista)

- do this then boot into vista, use the admin account to either change the password for the user, or to assign a new password to the admin.

- Throw hirens boot disk out of window of moving car.

[ReDSpideR]

lol thanks but i much rather understand why Vista's hashes arent loading or how to export then in the Ophcrack.

Learning is my goal here.

thanks but replacing the password is easy, im trying to recover his password, its a bit different then replacing it.

[911alertme]

Why would you want to recover it? Replacing it with a new one will work just as well.

[ReDSpideR]

because its the same password for his e-mail from his isp.

he needs it. unfortunately i haven't been helpful

[911alertme]

If it is the same password he can just call his ISP and they will give it to you.  I know I can never remember all the passwords for my families email (I'm the tech guy who always has to set it up) and I just phone my ISP and they give it to me.

[ReDSpideR]

hes with a dial up service, they dont give out passwords.

hes too stubborn, but anyways thanks for your input, but regaurdless i want to learn.

i shall continue research till i figure this out =)

[Deveant]

If it is the same password he can just call his ISP and they will give it to you.  I know I can never remember all the passwords for my families email (I'm the tech guy who always has to set it up) and I just phone my ISP and they give it to me.

:-o ur ISP openly gives u the account passwords? hehe thats kool, mine reset.

Also sorry mate, but ReDSpideR ur starting to sound a lil sus now, im all happy to tell u how to fix the issue at hand, but when ur target is getting someones passowrd, then ur outta luck. Aswell as, once the password on his machine is changed, he will have access back into his email client, which whould then have no need for the password, call the ISP get it reset.

The thing is, MS has learnt, and have increased there security on there Hive, its now alot harder to read the Hash.

[SmoothCriminal]

I am all for helping you out, but I was going to suggest the Hi-Rens disk as well.  Good luck anyway, oh and maybe if he calls up his service provider they would make an exception.

[Sparda]

Step one: enter password

Step two: remember password

Step three: forget password

Step four: receive beating

What did you learn?

[SmoothCriminal]

Step one: enter password

Step two: remember password

Step three: forget password

Step four: receive beating

What did you learn?

Don't do drugs?

[ReDSpideR]

for a p lace where they describe how to get password and user information with tools such as Hacksaw and such, im suprised non of you will just tell me how to extract a hash properly from windows vista.

hey if you dont know how thats cool, just dont bother posting.

as for your silly recieve beating comment, i would LOVE to see you try to say that to my GF's dad lmao.. war 2 VET, hard ass, would probaly wipe your face with your digital words lol.. anywho..

thanks for some (reseting) solutions.

but now im just curious why its dificult to extract a vista hash.

i guess this topic is done since no1 doesnt know how to do it properly.

Thanks again, if my research fails by this weekend, ill suggest the reset call to his isp.

as for me, ill keep researching till i figure it out.

[VaKo]

Vista password recovery:

http://swamp.foofus.net/fizzgig/fgdump/default.htm

You should be able to login with a blank administrator password or just reset the admin password which gives you access to the system in order to recover the other passwords.

Regarding:

as for your silly recieve beating comment, i would LOVE to see you try to say that to my GF's dad lmao.. war 2 VET, hard ass, would probaly wipe your face with your digital words lol.. anywho..

Read:

http://sw.deri.org/~matteo/welcome.php

[SmoothCriminal]

If you have the most up to date opera crack cd it should work (it is compatible with Vista, scroll down do the bottom of this website and see for yourself).  http://ophcrack.sourceforge.net/

[moonlit]

Read:

http://sw.deri.org/~matteo/welcome.php

lol.

Also, just so this isn't a completely pointless reply, google NT Offline Password and Registry Editor. If you're asking this for a legit reason, this should suffice.

[ReDSpideR]

woot some better suggestions.

Thanks, this is steering me into a better direction.

i also found this tweak/"hack" articile that might come in handy.

this page in particular about the hidden 'Administrator' username in Vista.

Link: http://www.computerworld.com/action/articl...mp;pageNumber=2

[anyedie]

Maybe I should make a new topic for this, but I'll post it here to aviod clutter.

Does anyone know if it would be possible to boot a computer from a windows liveCD like miniPE and somehow get into the registry to add a new administrator account?  Does anyone know how or why not?

[Deveant]

if i remember correctly its either on "Hirens", or "Smash's Admin Disk", though this isnt in a Windows Enviroment, u could also check out whats on the current version of UBCD.

[SmoothCriminal]

On HiRens you can add an admin I believe.

[ReDSpideR]

anyedie,

during my 'quest' so far i came across this:

http://www.nu2.nu/pebuilder/

PE Builder

it will build a bootable windows enviourment from a CD

i tried it on my XP and i was able to sucessfuly use its browsing system to copy and paste the SAM file and other files over to another location.

I will try it on VISTA on saturday to see if this works.

im guessing you could probaly do reg edits aswelll

it also comes with a cmd prompt.

good luck.

As for anyone else..

Does anyone know how to execute a cmd for FGDUMP so that the output file is generated where you tell it to go?

or even a way to just have the results DISPLAYED ?

if you know of an alternative to achieve the same results please feel free to suggest them, thanks

[digip]

anyedie,

during my 'quest' so far i came across this:

http://www.nu2.nu/pebuilder/

PE Builder

it will build a bootable windows enviourment from a CD

i tried it on my XP and i was able to sucessfuly use its browsing system to copy and paste the SAM file and other files over to another location.

I will try it on VISTA on saturday to see if this works.

im guessing you could probaly do reg edits aswelll

it also comes with a cmd prompt.

good luck.

As for anyone else..

Does anyone know how to execute a cmd for FGDUMP so that the output file is generated where you tell it to go?

or even a way to just have the results DISPLAYED ?

if you know of an alternative to achieve the same results please feel free to suggest them, thanks

Never used it but you might want to check the sites documentation: http://swamp.foofus.net/fizzgig/fgdump/fgdump-usage.htm

[ReDSpideR]

ya when i run FGDUMP from the bootable CD I put together, it cant "write" to the disk obviously so im trying to think how i can utilize the tool, i wonder if i can run it from a usb while booted into that enviourment.

hmmmmmmmmm........