Your browser does not seem to support CSS. If images appear below, please disregard them.
toggle
May
S M T W T F S
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31
Sponsored Links
Latest Postings
Topic Options
Rate This Topic
#15355 - 08/15/02 02:02 PM win XP administrator
Joined: Aug 2002
Posts: 4
paleothol Offline
Junior Member
paleothol Offline
Junior Member

Joined: Aug 2002
Posts: 4
England
I am a bit of a newbie to hacking and my dad recently put an account on my computer and made himself system administrator so i can't do much on my account. I was wondering if anyone knew how to take that off and make me system administrator?

Top
Sponsored Links
#15356 - 08/15/02 03:43 PM Re: win XP administrator
Joined: Mar 2002
Posts: 96
wizzy Offline
The other other white meat
wizzy Offline
The other other white meat

Joined: Mar 2002
Posts: 96
Iowa
does he have his account password protected? if not just log on his name and change your account to an admin too. if he has a password on it, download a keylogger and get his password from that, than log on and change your account.


Gizmo: Wizzy is SeXor
Gizmo: Wizzy is the other half of my Gizzy
Top
#15357 - 08/15/02 04:44 PM Re: win XP administrator
Joined: Aug 2002
Posts: 4
paleothol Offline
Junior Member
paleothol Offline
Junior Member

Joined: Aug 2002
Posts: 4
England
i can't install the keylogger because only the system administrator can install things. And yes he does have a password!

Top
#15358 - 08/15/02 05:01 PM Re: win XP administrator
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
There's a file in the %systemroot%\WINDOWS\system32\config folder called SAM. This is the file that contains all the users and passes for the machine (or network, depending). It's being run by the SYSTEM so you can't access it directly. There's a prog out there called PWDUMP2 (i think) that will extract the passes out of that file for you to abuse at your leisure. You're gonna need a pass cracker though cause they are encrypted. However, there *MAY* be a copy of the SAM file in the %systemroot%\WINDOWS\repair folder that is not in use. If I remember right, this backup is made during install, so unless your Dad created his acount while Windows was being installed the backup will only have the default account and passwords in it.

sum

Top
#15359 - 08/15/02 05:35 PM Re: win XP administrator
Joined: Aug 2002
Posts: 4
paleothol Offline
Junior Member
paleothol Offline
Junior Member

Joined: Aug 2002
Posts: 4
England
i downloaded that program, ran it but i don't know where the password file is located if there is one and i've tried searching for passwd.txt and no results came up! Any suggestions?

Top
#15360 - 08/15/02 05:42 PM Re: win XP administrator
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
Quote:
There's a file in the %systemroot%\WINDOWS\system32\config folder called SAM
Dude, I told ya where to find it. %systemroot% is a way of saying 'whatever drive your windows dir is on', usually the C:\ drive. Go look in there and/or where I said the backup copy was/is. As well read the instructions for that program, just running things blindly will get you absolutely nowhere.

sum

Top
#15361 - 08/15/02 05:50 PM Re: win XP administrator
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
Here, READ THIS FROM TOP TO BOTTOM!!!

PWDUMP2 README

Those are the exact instructions to do what you want. READ IT. And after you read it, READ IT AGAIN to make sure you understand it. If you still don't understand it after that then you shouldn't be messing with this shit.

sum

Top
#15362 - 08/15/02 05:51 PM Re: win XP administrator
Joined: Aug 2002
Posts: 4
paleothol Offline
Junior Member
paleothol Offline
Junior Member

Joined: Aug 2002
Posts: 4
England
i have put the files pwdump2.exe and samdump.dll in C:\WINDOWS\SYSTEM32\config where SAM is located and i ran the file! Now what?

Top
#15363 - 08/16/02 06:36 PM Re: win XP administrator
Joined: Mar 2002
Posts: 185
Mornse Offline
Member
Mornse Offline
Member

Joined: Mar 2002
Posts: 185
Vancouver
A way that may be easier that I did once when I forgot the admin pass on my NT box (heh, yeah, shutup), was to boot to a floppy, you'll need to use NTFSDOS if your drive is using NTFS, otherwise just boot to a floppy and copy the SAM file to the floppy because the system won't be using it when you are running from the floppy. Then crack the file using LC3 from http://www.l0pht.com (that's a zero)


Cha want some w***up?

http://www.dopeskill.com
Top
#15364 - 08/16/02 07:17 PM Re: win XP administrator
Joined: Mar 2002
Posts: 257
psychogen Offline
Member
psychogen Offline
Member

Joined: Mar 2002
Posts: 257
UK
shit u guys, this guy is NEW remember!

I mean pwdump is not a bad choice, but l0pht is not good to him since he cant install shit and l0pht is distributed in a commercial installation format.

I suggest booting to safe mode, usually that should not ask you for any pwd, and create a new user. if that dont work return to pwdump.

Also try booting to safe mode without networking that should defiantely do it.


The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean, "Someone who loves to program and enjoys being clever about it."
--------------------
"Its not a bug, its a feature" (Epic Games)
Top
#15365 - 08/17/02 07:14 PM Re: win XP administrator
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
Well it looks like I need to take a little of my own advice. After glancing through the readme file myself I noticed something I have overlooked.

Quote:
You need the SeDebugPrivilege for it to work. By default, only Administrators have this right, so this program does not compromise NT security.
So it would appear that this won't help you at all paleothol.

/me tries to remove foot from mouth and swallow his pride in one motion

So, paleothol, I guess I should apologize for being short with you when the info I was giving you wouldn't even help you anyways.

Sorry paleothol.

sum

Top
#15366 - 10/13/02 05:58 AM Re: win XP administrator
Joined: Oct 2002
Posts: 10
Satori Offline
Junior Member
Satori Offline
Junior Member

Joined: Oct 2002
Posts: 10
San Antonio, Texas
No fear, paleothol. What you need is a handy Linux bootdisk with a handy binary on it that will do the hard work for you. The one I'm about to point you to will enumerate the user accounts and let you modify their passwords. What I'd recomend that you do is set a new password for the Administrator account, login as such and add your user account to the Administrator group, and then log in as you. Make sure that you log in and out again as yourself so that your dad doesn't boot up to find the Administrator account as last logon!

Keep in mind, this assumes that he is using an account with Admin privs, but that isn't Administrator. If you change HIS password, he's obviously gonna know about it.

Anyway, this tool actually works with SYSKEY encryption now - pretty handy. Select the "reset NT Password" from the list of bootdisks. Enjoy!

Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,194
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums46
Topics45,754
Posts80,922
Members2,157
Most Online1,567
Apr 25th, 2010
Top Posters(All Time)
UGN Security 38,918
Gremelin 7,194
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Newest Members
Herbert_Sherbert, codemauve, Lillysdragon1984, Brewwit, boa
2157 Registered Users
Who's Online Now
0 registered members (), 2 guests and 4 spiders.
Latest News