check your account management and see if there's anohter account on there (If theres only one and it isn't passworded the computer boots directly to desktop) If you have installed .NET Frameworks then you definately have an invisible account (it adds one for some reason)
You could, in theory, LAN the two computers, put a trojan on their computer that finds the password in the registry and sends it to your computer, but that's risky and illegal.
<!--QuoteBegin-cshank4+Sep 3 2004, 05:55 PM--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (cshank4 @ Sep 3 2004, 05:55 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> You could, in theory, LAN the two computers, put a trojan on their computer that finds the password in the registry and sends it to your computer, but that's risky and illegal. <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd--> Is it really illegal? If you do it willingly to yourself?
<!--QuoteBegin-cshank4+Sep 3 2004, 02:46 PM--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (cshank4 @ Sep 3 2004, 02:46 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> check your account management and see if there's anohter account on there (If theres only one and it isn't passworded the computer boots directly to desktop) If you have installed .NET Frameworks then you definately have an invisible account (it adds one for some reason) <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd--> I can't do that, because I can't get in to the computer.
And, yes, I've tried leaving it blank and hitting "Okay".
Would a fresh install of Windows work?
Formatting really isn't an option, because my dad has tons of photos on there (he's a photographer), and my mom has several novels (she's a writer), so its not like we can just discard it.
<!--QuoteBegin-Duff-Man+Sep 3 2004, 05:56 PM--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (Duff-Man @ Sep 3 2004, 05:56 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> <!--QuoteBegin-cshank4+Sep 3 2004, 05:55 PM--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (cshank4 @ Sep 3 2004, 05:55 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> You could, in theory, LAN the two computers, put a trojan on their computer that finds the password in the registry and sends it to your computer, but that's risky and illegal. <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd--> Is it really illegal? If you do it willingly to yourself?
That's interesting. <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd--> I'm pretty sure it is, I'd have to look into it, but IIRC it sates something like '...May not use/install Malware on users computer for blah blach blah' I read it like a month ago and my memory is terrible.
Well there are ways around NT security. You can reset the password with a certain program called NTPasswd (google it). You burn it to CD and boot from the CD (I assume you have a second computer since you're posting). You can enter a new password for any account, but you wont be able to access encrypted files.
And the usual disclaimer for any password reset program: Don't use it to break into other peoples computers, yadda yadda blah blah. I only discovered it because some twit at my dad's work changed passwords on a bunch of laptops because said twit was fired, and they needed the laptops back without having to be reformatted.
Trojans aren't illegal. They're just Remote Admins, modified with naughty options [not illegal options, but things that could be used to do naughty things, as well as reasonable things, if you know what i mean]. The way they are used is illegal - you can only put it on a computer you have control and authority to put it on, and permission. So that would be legal for you to try and chuck it through a LAN, if you could... Doesn't the computer have to be logged on to connect to the network?
<!--QuoteBegin-eediot+Sep 3 2004, 07:38 PM--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> (eediot @ Sep 3 2004, 07:38 PM)</td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> I'm sorry I can't help with your problem, but
Trojans aren't illegal. They're just Remote Admins, modified with naughty options [not illegal options, but things that could be used to do naughty things, as well as reasonable things, if you know what i mean]. The way they are used is illegal - you can only put it on a computer you have control and authority to put it on, and permission. So that would be legal for you to try and chuck it through a LAN, if you could... Doesn't the computer have to be logged on to connect to the network? <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd--> No, it doesnt.
Listen, dude. Before you try ANYTHING ELSE that someone has said here, try this:
In the Username box, type in "Administrator" In the Password box, type in "Password"
I guarantee you it will work. I have Windows 200 as well. It works.
Hrm didn't see the bit on trojans. Thats pointless. Password isnt in the registry. Its stored using a one way hash (albeit a weak one unless LMHashes are turned off) in the SAM file in C:\windows\system32\config (for XP, c:\winnt\system32\config for 2K IIRC).
You can use Knoppix and a USB flashdrive (or a network connection) to copy the SAM file to another computer and use a program (you'll have to find it yourself, I don't think I can mention it here) to bruteforce the LM hash. It takes about 8 hours to do one on my 3.4GHz machine, but if LM hashes are off, NT hashes are used, and that took 160-some hours to break (for a fairly simple password). Its legal to do to yourself, since the program is DESIGNED to be used to audit password security.
Edit: "Administrator" and "Password" will NOT WORK if the computer is set up by a competent person. It _asks_ during setup for your "Administrator" password. Nobody in their right mind would put in "Password" and it is NOT the default (that would be Microsofts stupidest move ever if it was).
Comments
Is it really illegal? If you do it willingly to yourself?
That's interesting.
I can't do that, because I can't get in to the computer.
And, yes, I've tried leaving it blank and hitting "Okay".
Would a fresh install of Windows work?
Formatting really isn't an option, because my dad has tons of photos on there (he's a photographer), and my mom has several novels (she's a writer), so its not like we can just discard it.
Is it really illegal? If you do it willingly to yourself?
That's interesting. <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
I'm pretty sure it is, I'd have to look into it, but IIRC it sates something like '...May not use/install Malware on users computer for blah blach blah' I read it like a month ago and my memory is terrible.
Type in "Password" for the Administrator account.
Works every time for me.
And the usual disclaimer for any password reset program: Don't use it to break into other peoples computers, yadda yadda blah blah. I only discovered it because some twit at my dad's work changed passwords on a bunch of laptops because said twit was fired, and they needed the laptops back without having to be reformatted.
Trojans aren't illegal. They're just Remote Admins, modified with naughty options [not illegal options, but things that could be used to do naughty things, as well as reasonable things, if you know what i mean]. The way they are used is illegal - you can only put it on a computer you have control and authority to put it on, and permission. So that would be legal for you to try and chuck it through a LAN, if you could... Doesn't the computer have to be logged on to connect to the network?
Trojans aren't illegal. They're just Remote Admins, modified with naughty options [not illegal options, but things that could be used to do naughty things, as well as reasonable things, if you know what i mean]. The way they are used is illegal - you can only put it on a computer you have control and authority to put it on, and permission. So that would be legal for you to try and chuck it through a LAN, if you could... Doesn't the computer have to be logged on to connect to the network? <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
No, it doesnt.
Listen, dude. Before you try ANYTHING ELSE that someone has said here, try this:
In the Username box, type in "Administrator"
In the Password box, type in "Password"
I guarantee you it will work. I have Windows 200 as well. It works.
You can use Knoppix and a USB flashdrive (or a network connection) to copy the SAM file to another computer and use a program (you'll have to find it yourself, I don't think I can mention it here) to bruteforce the LM hash. It takes about 8 hours to do one on my 3.4GHz machine, but if LM hashes are off, NT hashes are used, and that took 160-some hours to break (for a fairly simple password). Its legal to do to yourself, since the program is DESIGNED to be used to audit password security.
Edit: "Administrator" and "Password" will NOT WORK if the computer is set up by a competent person. It _asks_ during setup for your "Administrator" password. Nobody in their right mind would put in "Password" and it is NOT the default (that would be Microsofts stupidest move ever if it was).