Re: can someone get admin password with physical access?
From: Matt Jamieson (matt@uk2.net)Date: 03/02/02
- Previous message: What Ever: "Re: windows NT4 WS and 2000 Pro user profile question"
- Next in thread: chris@nospam.com: "Re: can someone get admin password with physical access?"
- Reply: chris@nospam.com: "Re: can someone get admin password with physical access?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: matt@uk2.net (Matt Jamieson) Date: 2 Mar 2002 11:26:48 -0800
> Is there a way that any person with
> physical access hack the admin or other users password? I heard that you
> can use a linux boot disk to access a file and use l0ptcrack to crack it,
> but I heard that it only works for FAT32 partitions. Is this true? And if
> there is a way to hack the passwords if someone has physical access, how can
> they do it? and is there a way to stop it? (besides physical security)
Hi
Anyone with physical access to a WinNT/2K machine (and also I assume
with XP, although I've not tried it) can change any user's password
using a bootdisk utility from here:
http://home.eunet.no/~pnordahl/ntpasswd/
No only is this faster than copying the SAM database and cracking it,
it's also much easier to do.
In my experience any machine with SYSKEY enabled or 128-bit encryption
will have the SAM corrupted if you use this utility, and you will only
be able to log in as the use whose password you have changed.
Anyway, a tool worth a look whether you want to think about ways of
blocking it or you regularly forget your password!
Your Mileage May Very
Matt
- Previous message: What Ever: "Re: windows NT4 WS and 2000 Pro user profile question"
- Next in thread: chris@nospam.com: "Re: can someone get admin password with physical access?"
- Reply: chris@nospam.com: "Re: can someone get admin password with physical access?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
