Thread: reset XP password hash, and reload it!

  1. #1
    xatar
    Guest

    Hi all,

    I have a question...

    Does anyone know of a Linux tool (or any other open source/free tool) that will perform a hash insertion attack (overwrite the password hash for an account), but has an option to load the original hash back to the SAM database so that the original user can still log on?

    I was watching a video on YouTube (although most of the videos are noobs showing how to hack when you are an admin!!!) where someone used CIA Commander (licensed tool) to:
    reboot
    overwrite the password hash for the admin account
    reboot
    log on with new password
    create a new admin level windows account
    reboot
    copy original hash back to the SAM for admin account
    reboot
    log back on as newly created account

    Now, this guy was doing it to crack the account passwords with rainbow tables, which is stupid as he could just copy the SAM and system files when he reboots anyway!! I want to be able to cover tracks by copying back the original password instead of resetting it permanently.

    Any ideas?

    Could just copy the SAM/system files after booting off of BT, then reset the admin password, log on with new password and copy back the original SAM and system files.

    Any other ideas?

    cheers,
    xatar

  2. #2
    Just burned his ISO
    Join Date
    Mar 2007
    Posts
    8

    First, I would prefer to just copy the SAM/system files and crack the passwords without changing anything on the disk. It is a risk-free (you don't risk messing up anything) and usually fast process.

    Quote Originally Posted by xatar View Post
    Could just copy the SAM/system files after booting off of BT, then reset the admin password, log on with new password and copy back the original SAM and system files.

    Then if that doesn't work, this could work too; make sure you can write to NTFS (if Windows is on NTFS).

    I am not sure if Offline NT Password & Registry Editor has the option to back up the password files; but if it doesn't, I would suggest that they add it.

  3. #3
    Junior Member
    Join Date
    Jul 2007
    Posts
    40

    Windows Key enterprise will do the same thing (also not free, but effective).
    --
    "Linux is user-friendly. It's just very selective about who its friends are."

    "Linux users swear by their OS, and Windows users swear at their OS."

  4. #4
    Junior Member
    Join Date
    Jul 2006
    Posts
    88

    There is a tool like that and it's also free, but you need a Windows ISO image and a CD-R/RW.

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Quote Originally Posted by xatar View Post
    Hi all,

    I have a question...

    Does anyone know of a Linux tool (or any other open source/free tool) that will perform a hash insertion attack (overwrite the password hash for an account), but has an option to load the original hash back to the SAM database so that the original user can still log on?

    I was watching a video on YouTube (although most of the videos are noobs showing how to hack when you are an admin!!!) where someone used CIA Commander (licensed tool) to:
    reboot
    overwrite the password hash for the admin account
    reboot
    log on with new password
    create a new admin level windows account
    reboot
    copy original hash back to the SAM for admin account
    reboot
    log back on as newly created account

    Now, this guy was doing it to crack the account passwords with rainbow tables, which is stupid as he could just copy the SAM and system files when he reboots anyway!! I want to be able to cover tracks by copying back the original password instead of resetting it permanently.

    Any ideas?

    Could just copy the SAM/system files after booting off of BT, then reset the admin password, log on with new password and copy back the original SAM and system files.

    Any other ideas?

    cheers,
    xatar

    Metasploit includes payloads which add you as a user on the victim system.
