Results 1 to 6 of 6

Thread: Chntpw = Goodbye SAM & SYSTEM :(

  1. #1
    Just burned his ISO
    Join Date
    Jun 2011
    Posts
    8

    Default Chntpw = Goodbye SAM & SYSTEM :(

    Hey guys, long story short....

    I was running BT5 on a live CD on one of my computers. I was experimenting with 'chntpw'. When ever I would try run 'chntpw' it would say

    Code:
    The program 'chntpw' is currently not installed. You can install it by typing: apt-get install chntpw
    You will have to enable the component called 'universe'
    On running
    Code:
    apt-get install chntwpw
    it says
    Code:
    0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded
    when I move to
    Code:
    /pentest/passwords/chntpw
    and run
    Code:
    ./chntpw
    I can run 'chntpw' weird (any ideas for future how I can get this program running without being actually in it's directory)

    --------

    So I mount my windows drive in a temp folder navigate to
    Code:
    Windows/System32/Config
    Failing to run 'chntpw' I unfortunately came up with this genius idea to mv the SAM/SYSTEM file to the 'chntpw' directory.

    From here I can run ./chntpw I moved the files back and rebooted.

    On a second computer I run the exact same steps as above except FORGET TO MOVE THE SAM/SYSTEM FILES BACK

    I rebooted and now windows can't find the SAM/SYSTEM file so is locking me out.


    Is there a way to recover a backup version of SAM/SYSTEM?
    What's the best way to recover my files (I can see them using a live cd of BT)?

    ---------------

    Lesson to be learnt. Don't be an idiot and practice in a VM

    Thanks guys

    Pete

  2. #2
    Senior Member
    Join Date
    Jul 2010
    Location
    UK
    Posts
    136

    Default Re: Chntpw = Goodbye SAM & SYSTEM :(

    Is there a way to recover a backup version of SAM/SYSTEM?
    Here's a way to recover registry hives from the recovery point folders using the recovery console;

    http://www.myfixes.com/articles/system

    You can recover SYSTEM / SAM / SECURITY / SOFTWARE and DEFAULT

    This will only work though if you have recovery points available.
    Last edited by Jimmy87; 06-29-2011 at 08:15 AM.

  3. #3
    Senior Member cgelici's Avatar
    Join Date
    Feb 2010
    Location
    /root
    Posts
    121

    Default Re: Chntpw = Goodbye SAM & SYSTEM :(

    LiveCD uses RAM for storage if I'm correct so that means the SAM you moved was deleted when you rebooted. Maybe you can try windows recovery disk.

    If you want to start chntpw from anywhere within the terminal, add the tool to usr/bin like so,

    Code:
    ln /pentest/passwords/chntpw/chntpw /usr/bin/

  4. #4
    Just burned his ISO
    Join Date
    Jun 2011
    Posts
    8

    Default Re: Chntpw = Goodbye SAM & SYSTEM :(

    Quote Originally Posted by Jimmy87 View Post
    Thanks for the quick reply, after a few attempts I managed to restore the SAM & SYSTEM files.

    That website really helped, step by step guide how to restore the files. Took 3 attempts and had to delete the first SAM/SYSTEM file I restored as for some reason it did not load on start up and locked me out using XP Restore command line.

    In popped my BT5 cd to delete the files again and try it again. This time using a different system restore point.

    Thanks Guys

    Pete

  5. #5
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default Re: Chntpw = Goodbye SAM & SYSTEM :(

    Quote Originally Posted by cgelici View Post
    If you want to start chntpw from anywhere within the terminal, add the tool to usr/bin like so,

    Code:
    ln /pentest/passwords/chntpw/chntpw /usr/bin/
    Another option would be to edit the "/etc/environment" file and add to the PATH variable.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  6. #6
    Senior Member
    Join Date
    Jul 2010
    Location
    UK
    Posts
    136

    Default Re: Chntpw = Goodbye SAM & SYSTEM :(

    Thanks for the quick reply, after a few attempts I managed to restore the SAM & SYSTEM files.
    I'm glad it worked for you, I've used it many times and it's handy to know how to do it. Can be a bit hit and miss tho, every so often I get a computer where system restore isn't enabled and there aren't any restore points.

Similar Threads

  1. Chntpw isn't working.
    By Fjerdue in forum Beginners Forum
    Replies: 1
    Last Post: 02-23-2011, 06:59 PM
  2. fix chntpw in kde menu
    By joker5bb in forum Beginners Forum
    Replies: 1
    Last Post: 11-25-2010, 09:45 PM
  3. fix chntpw in kde menu
    By joker5bb in forum BackTrack Bugs
    Replies: 1
    Last Post: 11-25-2010, 09:45 PM
  4. problemas con chntpw
    By avpublicidad in forum Soporte en Software
    Replies: 0
    Last Post: 08-17-2010, 05:58 PM
  5. Chntpw
    By trevelyn in forum OLD Tutorials and Guides
    Replies: 4
    Last Post: 05-17-2008, 12:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •