#15378 - 02/17/03 03:22 AM New to the board  
Joined: Feb 2003
Posts: 8
Lord AwoL Offline
Junior Member
Hello all, I'm new to the board! I've read postings here for a while, and figured it was time that I join. I also have a question that hopefully some of you can help me with. I'm trying to learn how to get into a Windows XP box that isn't networked and has a user login password. I do have physical access to the computer however. I've used a version of NTFS DOS to grab the SAM file, and spent a day letting LC3 take a crack at it, but with no luck. OK, here's my question (other than how can I get the login password): First of all, does anyone know where I can get a version of NTFS DOS that will give me write access to the hard drive? Also, would a keylogger like maybe IK work to get the login password? Also, if anyone has any other ideas, they'd be greatly appreciated. Thank you.

AwoL

#15379 - 02/17/03 03:31 AM Re: New to the board  
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
OH, USA
Well, perhaps you're not including enough types of characters in your crack attempt. Or maybe you can just be patient and let it run longer.

Keyloggers absolutely won't work unless they're running while somebody changes the password. I've never tried to get a write enabled NTFS DOS, so I don't know.


Domain Registration, Hosting, Management
http://www.dollardns.net
#15380 - 02/17/03 06:49 AM Re: New to the board  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Likes: 3
Portland, OR; USA
You'd have to know the admin password for write access if it's in fact NTFS, if it's FAT32 (or FAT) you can just snag an old boot disk :/... remind me to never let you near my boxes? 'Course all my good shit is on an NTFS drive lol...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#15381 - 02/17/03 07:41 AM Re: New to the board  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Canada eh
Give l0pht a little longer. It took me three days to crack the admin password on the laptop I got from school. If you just let it go it will get that pass.

Infinite

#15382 - 02/17/03 08:59 AM Re: New to the board  
Joined: Feb 2003
Posts: 35
Dreadlord Offline
Stubby the Penii
Somewhere in Space!
NTFSDOS

NTFSDOS, designed by Bryce Cogswell and Mark Russinovich, allows access to NTFS partitions from OSs that use FAT. Format a floppy disk with the /s option (copy system files), copy ntfsdos.exe (and the help file ntfshlp.vxd if you want) then boot the NT box with it. Gain full read access to everything on NTFS partitions. Go for the SAM in the winnt\system32\config directory. Download from http://www.users.globalnet.co.uk/~mnemonix/ntfsdos.zip

Maybe that's what you're looking for though, dunno.


There are 10 kinds of people in the world: those who understand binary and those who don't.
-
There are 101100101101000001011110000000000 people in the world, some understand binary and some don't.
#15383 - 02/17/03 02:53 PM Re: New to the board  
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
OH, USA
No it's not Dreadlord, he's way ahead of you.


#15384 - 02/17/03 03:26 PM Re: New to the board  
Joined: Dec 2002
Posts: 3,255
§intå× Offline
Likes: 1
Maryland
Keyloggers absolutely won't work unless they're running while somebody changes the password.


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

What about a hardware keylogger? They make plenty of modules now that plug into the back of a computer where the keyboard plugs in. It captures EVERY keystroke.

Here is one I snagged from a Google search.

http://www.keyghost.com/

You can find out how it works here:

http://www.keyghost.com/installation.htm#demo


I would think this would work. Until Longhorn comes out and all data travels encrypted, but if you snag the keys right before it hits the CPU I do not think there is any protection there right now.

#15385 - 02/17/03 04:05 PM Re: New to the board  
Joined: Feb 2003
Posts: 8
Lord AwoL Offline
Junior Member
Thanks. I'll give LC3 a little longer to run. Maybe the brute force attack can get through eventually. What is a hardware keylogger?

#15386 - 02/17/03 07:04 PM Re: New to the board  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Canada eh
A hardware keylogger could be something like a small little object that would plug into the end of your keyboard cable, and then in turn plug into a computer. It sits on the line and passively captures all the keystrokes. To get the info out of it you generally need special software or some kind of magic key combo. But they are supposed to work pretty good. Here's a pic of one to give you an idea:



And yes, given enough time and resources, brute force WILL break that pass.

Infinite

#15387 - 02/17/03 10:19 PM Re: New to the board  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Likes: 3
Portland, OR; USA
Yeh I've heard that they work quite nice. I'm actually sort of curious how it'd work with my KVM Switch lol... High-grade wires feeding into a cheap wired keylogger to my system lol...


#15388 - 02/18/03 04:48 AM Re: New to the board  
Joined: Mar 2002
Posts: 1,136
pergesu Offline
UGN Elite Poster
Pimpin the Colorizzle
You know, I was thinkin there's gotta be a way to make a keylogger that would work. Cause you may say, "Well the program wouldn't be able to load until after the user's logged in." Nah...think of all the system programs that are running before the user logs in. The kernel (it's called that in Windows too, right?) is already loaded. It's processing input (mouse, keyboard) and gives feedback on the screen, and all that requires programs running. So there has to be some way to make the program run before the user has logged in. So go code it

#15389 - 02/18/03 06:12 AM Re: New to the board  
Joined: Feb 2003
Posts: 8
Lord AwoL Offline
Junior Member
How about using a full version of NTFS DOS (one that lets you write to the hard drive - assuming the computer is using NTFS) and then installing a DOS-based keylogger while putting a reference to it in the autoexec.bat? Do you think that would work? Is there any other option on the hardware keylogger besides paying $90 for one?

And on a brighter note, my l0pht crack 3 only has 80 days left on the crack! Good thing no one ever changes their password more than once every 3 months ever!

AwoL

#15390 - 02/18/03 06:18 AM Re: New to the board  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Canada eh
Well if you have a version of ntfsdos that will write, then you can write yourself a new admin password into the sam file and then you don't have to crack the hash. As well, you wouldn't need that to get at an autoexec.bat unless it had the permissions set all weird. And really, Windows doesn't even use that anymore, it's more for show.

Search for hardware keyloggers on ebay.

And l0pht said something like 76 days to crack that pass I mentioned above. It got it after 3 days.

Infinite

#15391 - 02/19/03 12:22 AM Re: New to the board  
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
OH, USA
Not with autoexec.bat, and not by registering a program as a service will you be able to get a program to run before the login screen.


#15392 - 02/21/03 12:23 AM Re: New to the board  
Joined: Feb 2003
Posts: 8
Lord AwoL Offline
Junior Member
I've been messing around with LC3, and so far I haven't been able to find a setting that will crack the SAM file. Has anyone else had this same problem? I'm sure that a hardware keylogger would work, but I'd rather not spend the money on it. Is there an option that I'm missing?

#15393 - 02/21/03 04:55 AM Re: New to the board  
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
OH, USA
There should be a way to specify the characters that you will crack with. Try all numbers and letters and upper/lower case (unless it still doesn't matter). It's been years since I've used l0phtcrack, so I can't give ya a step-by-step.

