[secrou]

Hi,
i have a question about a real secure windows computer.
we tried nerby everything to get administrator privelegs an a system.
we tried to boot from DOS ofcourse but also the bios is secrured and all standart passwords do not work.

do you now an exploit to get the SAM file?
we are at the end with out voculabary.

greetz

[Hehe0815]

if u have direkt access to the machine try to start with an windows me startdisc and then install a second os,doing this will end up in accessing all files on hdd!
if u need direkt access, i would boot again with a windows me startupdisc and grad the sam and the other file(dont know name anymore) with a dos packer to a disc and then brute it!
did this with my dads computer, it worked!
sry for this english iam not really normal today

[what]

If the bios are locked, there is most likely a "jog" in the motherboard that will allow you to disable all bios passwords. It will most likely be marked with a PSWD or something like that. I recommend you go to the manufactuerers site and take a look at the specs on the motherboard.

P.S. The jog is simply a little piece of plastic that covers two metal pins near either the IDE cable for the hard drive or the power supply hookups on *most* atx motherboards. If you need more info for changing the password, lookup knoppix-std on google. Best tool ever.

[webdevil]

boot it with a live linux cd and mount the windows partition on it. COPY the SAM file from it and your done!! :ph34r:

[the0ne]

Hi

You can reset Windows Admin password with a CD. The instructions and The CD-Image you find on these site:

hxxp://home.eunet.no/pnordahl/ntpasswd/

I would reset the pwd to NULL. It doesn't work all time to set an own password.

To reset the Bios PW. I would take out the Battery on Mainboard for 5 - 10 Mins.
Then it should be reset...

[x@ros2000]

Regarding SAM:
hxxp://www.foofus.net/fizzgig/fgdump/
I guess this will get most part of the job done ;-)
Or maybe give a try to SamInside?
Alternatively,if the BIOS at least permits you to boot from a cd,
why not give a try to the Ophcrack live cd,it's really fast:
hxxp://ophcrack.sourceforge.net/
(Finally,you mentioned there's no ability to boot from DOS,
but anyway,for a DOS version of 'ntpasswd':
hxxp://www.cgsecurity.org/ntfs.html
I had this really weird idea of trying to run it from within a DOSBox emulation...)

Regarding BIOS:
You'll also find here a nice BIOS password decrypter:
hxxp://www.cgsecurity.org/cmospwd.html
There are also other BIOS crackers out there,but I haven't tested them to clarify on their results...
The battery removal method usually works,but resetting a BIOS password is somehow..."noisy".
I'd prefer searching the manufacturer's site for an "emergency backdoor",
in case they don't list one and want you to call them for support etc.,
try googling for "BIOS default passwords",with a bit of luck...

[karavay]

chntpw thats all one need to reset his windows passwords even though u got syskey active!!! ( as long as one can boot from floppy CD/DVD rom)