Security with XP

From: Jurij (jurijvi-nospam@hotmail.com)
Date: 11/10/02


From: "Jurij" <jurijvi-nospam@hotmail.com>
Date: Sun, 10 Nov 2002 22:41:32 +0800


Is it true that by deleting the SAM files anyone can gain access to a XP
computer?
Read the below:

Recovering from a lost or changed admin password

Did someone change your admin password and now you can't do anything and the
perpetrator won't tell you what the new password is? (This is from personal
experience.) Well, there are two ways to fix the situation. First, though,
make sure you make backups of everything before you try this, just in case.
These are radical solutions for a tough situation.

1) Did you keep your root partition/drive as a FAT32/16 area? If you did the
solution is easy. Get any Windows9x boot disk and boot up to it, then CD to
X:\WINNT\system32\config and delete SAM (no extension), SAM.SAV, and
SAM.LOG. The SAM without an extension is actually an exe file. Those three
files control the usernames and passwords. Delete them, reboot, and there
will be NO admin password to worry about. Recreate users as before and this
time keep the admin password to yourself.

2) What if your root drive is NTFS? A Win9x boot disk won't work. Well,
hopefully you have a spare partition to reinstall a copy of Win2K into. Then
just CD to the directory listed above on the old copy of Windows 2000,
remove those files, edit boot.ini, and reboot--you get the same result.

Hope someone can clarify. By reading this, I don't see any great secutity
feature in XP.

Jurij



Relevant Pages

  • Re: question regarding SAM file / l0phtcrack / pwdump2
    ... the original question- the SAM that you were accessing on a DC wasn't ... As for why pwdump2 and pwdump3 were hanging, ... > session is enumerate info on the host. ... > admin password through a NULL session and then ...
    (Focus-Microsoft)
  • Re: Security with XP
    ... > Is it true that by deleting the SAM files anyone can gain access to a XP ... > Recovering from a lost or changed admin password ... Get any Windows9x boot disk and boot up to it, ... The SAM without an extension is actually an exe file. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: NT Administrator Password
    ... To try and calm him I have changed the ... >admin password to something that I only know about - however, ... ever be 100% crack proof. ... SAM, plus rotate paswords frequently. ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: Password recovery help?
    ... > PII PC? ... > I dont know admin password for Win2000 laptop and now my personnel ... > I DO NOT have any Win2000 CDs to create a boot disk. ... I dont want to spend $200 for XP OS ...
    (microsoft.public.win2000.general)
  • Re: Password recovery help?
    ... download the appropriate .zip file, which contains only one file, an .iso ... > burn cd instructions dont come close to matching the file names that are ... >>> I dont know admin password for Win2000 laptop and now my personnel ... >>> I DO NOT have any Win2000 CDs to create a boot disk. ...
    (microsoft.public.win2000.general)