Re: Security with XP

From: Roger Abell [MVP] (mvpNOSPAM@asu.edu)
Date: 11/12/02 

From: "Roger Abell [MVP]" <mvpNOSPAM@asu.edu>
Date: Tue, 12 Nov 2002 06:10:07 -0700

This was an possible with W2k. I have heard of some
that say this has worked for them with XP even though
it was supposedly disabled with the XP release. It has
not worked for me, but then I may have done something
wrong. 

--
Roger Abell
MS MVP (Security, Windows), MCDBA,  MCSE both
Associate Expert - Windows XP ExpertZone
http://www.microsoft.com/windowsxp/expertzone
"Jurij" <jurijvi-nospam@hotmail.com> wrote in message
news:#6QSOeMiCHA.1952@tkmsftngp09...
> Is it true that by deleting the SAM files anyone can gain access to a XP
> computer?
> Read the below:
>
>
> Recovering from a lost or changed admin password
>
> Did someone change your admin password and now you can't do anything and
the
> perpetrator won't tell you what the new password is? (This is from
personal
> experience.) Well, there are two ways to fix the situation. First, though,
> make sure you make backups of everything before you try this, just in
case.
> These are radical solutions for a tough situation.
>
> 1) Did you keep your root partition/drive as a FAT32/16 area? If you did
the
> solution is easy. Get any Windows9x boot disk and boot up to it, then CD
to
> X:\WINNT\system32\config and delete SAM (no extension), SAM.SAV, and
> SAM.LOG. The SAM without an extension is actually an exe file. Those three
> files control the usernames and passwords. Delete them, reboot, and there
> will be NO admin password to worry about. Recreate users as before and
this
> time keep the admin password to yourself.
>
> 2) What if your root drive is NTFS? A Win9x boot disk won't work. Well,
> hopefully you have a spare partition to reinstall a copy of Win2K into.
Then
> just CD to the directory listed above on the old copy of Windows 2000,
> remove those files, edit boot.ini, and reboot--you get the same result.
>
>
> Hope someone can clarify. By reading this, I don't see any great secutity
> feature in XP.
>
> Jurij
>
>

Relevant Pages

  • Re: question regarding SAM file / l0phtcrack / pwdump2
    ... the original question- the SAM that you were accessing on a DC wasn't ... As for why pwdump2 and pwdump3 were hanging, ... > session is enumerate info on the host. ... > admin password through a NULL session and then ...
    (Focus-Microsoft)
  • Security with XP
    ... Is it true that by deleting the SAM files anyone can gain access to a XP ... Recovering from a lost or changed admin password ... Did someone change your admin password and now you can't do anything and the ... A Win9x boot disk won't work. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: NT Administrator Password
    ... To try and calm him I have changed the ... >admin password to something that I only know about - however, ... ever be 100% crack proof. ... SAM, plus rotate paswords frequently. ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: Password recovery help?
    ... > PII PC? ... > I dont know admin password for Win2000 laptop and now my personnel ... > I DO NOT have any Win2000 CDs to create a boot disk. ... I dont want to spend $200 for XP OS ...
    (microsoft.public.win2000.general)
  • Re: Password recovery help?
    ... download the appropriate .zip file, which contains only one file, an .iso ... > burn cd instructions dont come close to matching the file names that are ... >>> I dont know admin password for Win2000 laptop and now my personnel ... >>> I DO NOT have any Win2000 CDs to create a boot disk. ...
    (microsoft.public.win2000.general)
Quantcast