digg

Facebook Connect Join Digg About

Cracking Windows xp accounts

irongeek.com See a video of how to crack xp accounts.

Who dugg this? Made popular Nov 27, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

91 Comments

show profanity settings
expand all
  • Nougat, on 10/12/2007, -5/+39Why bother cracking the password if you have physical access to the machine? Just reset the local admin password.

    http://home.eunet.no/pnordahl/ntpasswd/

    I have been doing this for years.
  • elitexero, on 10/12/2007, -2/+30Set the password to "*cr4ckth!s***B!tch3z!**@()#" .. now try.
  • arkmtech, on 10/12/2007, -3/+23Appears to be a decent walk-through of cracking an XP account... but man, I wish he could pronounce his R's.
  • officechris, on 11/06/2007, -1/+18This is a stupid digg, there's automated linux XP Crack CD's that will boot, and automatically start password crack and within 5 minutes will show you ALL of the local user accounts on the machine, no work involved.

    http://ophcrack.sourceforge.net/
  • dbr_onix, on 10/12/2007, -1/+16A video of a 2 week brute-force crack isn't particularly interesting..
    - Ben
  • WackyT, on 10/12/2007, -3/+17So, it's just a dictionary attack. Throw a couple of numbers and special characters in your password.

    Lame.
  • aekdbbop, on 10/12/2007, -7/+21Dude needs to blow his nose...
  • inactive, on 10/12/2007, -2/+15Don't forget to disable LM hash
  • Irco, on 10/12/2007, -4/+17I'll believe a monkey is the admin
  • chris9902, on 10/12/2007, -5/+16not much of a test setting the password to "monkey"
  • oriondr, on 10/12/2007, -5/+17Poor guy can bawely talk.
  • TheBigGuycouk, on 10/12/2007, -0/+10If they are using NTFS encryption you need there password to access the files
  • Mahstah, on 10/12/2007, -1/+10You can change the root password on a Linux box just as easily using an install CD.
  • inactive, on 10/12/2007, -0/+8more important
    encrypted files dont survive password reset
    you need to actually hack the password if you want to view any encrypted files. ANd why so many people dont encrypt is beyond me.


  • Philluminati, on 11/06/2007, -9/+17
    You crack a Windows computer by doing this:

    Put the windows CD into the disk drive.

    Go to the recovery console

    type "net user admin hello"

    then the admin password is hello.

    then you just log in.

    If you want to stay anonymous tho, you just poke around the drives using cd and dir at that command line.

    Why go to so much effort? You've tried so hard for something so simple. Wow, I guess your a real cool hacker. You got hacker tools and everything, lol!
  • glock22ownr, on 10/12/2007, -2/+9Interesting.. but not too impressive. If you have physical access to the box, you pretty much own it... and how about making the password something like "m0Nk3y"...
  • neoknight, on 10/12/2007, -0/+7a monkey's uncle...
  • lowbot, on 11/06/2007, -0/+6To do that you need the admin's password to get into the recovery console. Or werent you paying attention to that when you were 'cracking boxes?' Essentially you are logging in as admin using RC and then changing your password. That is no different than logging onto a windows session control-alt-delete and selecting a new password.

    The other methods do not need the admins password.
  • petroK, on 10/12/2007, -2/+6hi Irongeek. how are you doing these days?
  • icecubed, on 10/12/2007, -4/+8http://home.eunet.no/~pnordahl/ntpasswd/

    boot cd, reset the password(or change it), boot windows, press CTRL-ALT-DEL 2 times
    enter Administrator enter the new password.

    DESTROY
  • adstretch, on 10/12/2007, -0/+4Everyone can list their favorite way to get in when they have physical access. I see at least 7 different techniques mentioned in this set of comments alone. The hard part is doing it when you cant touch the machine. You can always boot from cds, usb flash, (maybe the graphing calculator if thats not bogus), but get in from two states away and ill give more "props".
  • hackerthirteen, on 10/12/2007, -2/+5Um...so you don't leave any traces. Finesse is required over brute force sometimes.
  • RedKrieg, on 10/12/2007, -0/+4uWergo, If you're locked out of the BIOS, move the password reset jumper or cmos clear jumper. If it's a dell laptop, call dell and tell them you're a field tech working on the machine and need the bios password. they'll ask you for the service tag and a code (which is the service tag followed by 4 hex characters). They will then tell you the override password.
  • uWergo, on 10/12/2007, -1/+4i stopped watching when it said "..set the bios to.." didnt say anything about what if you're locked out of the bios =(
  • ApeInago, on 10/12/2007, -0/+3@billyboob

    "rainbo tables" ;)
  • inactive, on 10/12/2007, -2/+5because i want his encrypted files
    that is why I am a cool hacker with my hacker tools and everything.. LOL


    I actually feel much much much safer reading all the comments here. I hope if anyone ever breaks into my house and steals my box it is one of you.
  • inactive, on 10/12/2007, -0/+3show you all.. crappy passwords
    better passwords take a bit longer.
  • inactive, on 10/12/2007, -0/+3most of the so called cmd prompt escalations are fake.
    plus youd have to have an account open on the machine already,
    If ophcrack is getting all your passes you must either not be very leeet, creative or have one hell of a rainbow table. Aint no way just a cd.. maybe a dvd.
    I use ophcrack all the time and it cant get any of my passwords.. even with a 2 gig rainbow table.
    and while they are complex i wouldnt call them that leet.
  • neonic, on 10/12/2007, -2/+5Yes, this is real and works flawlessly. I have done it to several computers for people who forgot their passwords. It is so simple, as long as you can mount the HD, easy.
  • humancompiler, on 10/12/2007, -2/+6But you have to have the Windows install's admin password to log in using the recovery console in the first place. Not so easy.
  • K4P741NxKRUNCH, on 10/12/2007, -2/+4WTF is his problem?

    If you have to excrete, then I suggest an area that is a bit more appropriate and alot more white. It's called a mac.
  • whozyodaddy, on 10/12/2007, -1/+3No, sounds like he is deaf.
  • cromus, on 10/12/2007, -0/+2no ur a roket sientist
  • lowbot, on 10/12/2007, -0/+2>But doesn't the local administrator account act as a master key for NTFS encryption anyway?

    Nope. The password, on a user basis, acts as a salt for the encryption (NTFS only).
  • inactive, on 10/12/2007, -1/+3Jeez, this is waaaay overkill for an XP machine you've got unlimited physical access to.

    I had to "crack" an old XP machine of mine a couple of weeks ago (it's an old machine and I'd forgot what password I used) and I simply put loginrecovery on an autobooting CD, and it served up the admin username and password. I used a CD, but any autobooting device will work.

    You can buy the service from http://www.loginrecovery.com (I'm not affiliated with them in any way) or try it out for free.

  • Addp009, on 10/12/2007, -0/+2If you have physical access, then there are many ways to "crack" a password. The challenge is to crack windows passwords remotely.

    You guys need to get over this type of non-news news. It's been known that you can do a million things to crack a password with physical access. Now show me a story that describes cracking a system without physical access. Only then will I be impressed.
  • Kizzle, on 10/12/2007, -0/+2Huh?
  • klawz, on 10/12/2007, -0/+2If you use a windows 2000 boot disc, you won't need the password for the recovery console.
  • inactive, on 10/12/2007, -0/+2More such videos can be found here
    http://137.132.19.24/security_course/vid_tutorials/
  • GeoNine, on 10/12/2007, -0/+2I am surprised at the ignorance of a good deal of these comments. This is just a tutorial, it doesn't claim to be the "only" way or the "best" or anything really other than one way to crack XP passwords. Resetting the password and cracking it are two different things, although in SOME cases they can be used interchangeably. Hmmm.....
  • kingace, on 10/12/2007, -0/+2Apelnago:

    Way to go, now nobody will ever be able to read your diary.
  • glasmodiar, on 10/12/2007, -0/+1loginrecovery.com - They'll give you the login names & passwords for free in 48 hrs.
  • foreplay, on 10/12/2007, -0/+1lophtcrack (which i assume where this project got its name from) made it very easy to bruteforce all the passwords for any account. its just a shame symantec bought it and discontinued it.

    either way just dump your hashes to a txt file and use http://gdataonline.com/seekhash.php or if its not there try a bruteforce method.


  • HaloprO, on 10/12/2007, -1/+2I like it, but www.thebroken.org does this in ep2 if I'm not mistaken.
  • lowbot, on 10/12/2007, -0/+1Tried it. It got one password from an account with a very weak password. It couldnt get any of the 'hard" passwords, that is passwords like this : 666h3llo! It gave a false positive for one password also.

    works for very weak ones. Everything else will require a real rainbow table setup. Or an offline editor.
  • inactive, on 10/12/2007, -1/+2@Nougat:
    True.. it wont get my truecrypt files, etc unless i use simular passes for everything.
    The point is a bunch of ignorant people in the comments saying
    "OMG that is so lame, i could do it easier by just reseting the pass' etc
    and the point is, the people who made this video understand that as well but there are damn good reasons for not wanting to reset the pass.
    The top two being encrypted files and not wanting to leave a trace
    and just pointing out to the "OMG'rs" that they arent as smart as they think they are
  • Nougat, on 10/12/2007, -0/+1@lowbot

    There was one time that I used Nordhal's reset floppy where the machine was pooched afterwards - but the machine was pooched in the first place, which is why I had to try that method. I was able to reset passwords for other user accounts on the system (the SupportXXXXX account in particular), but not the local administrator account.
  • C0D3R, on 10/12/2007, -0/+1No casemac , see
    http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx
  • ApeInago, on 10/12/2007, -2/+3the caclulator hack uses exploits in the windows "plug and play" hardware install modle to extract the hash without having to boot using a cd..

    a user has to be logged in for this to work, if only in the background.

    lmhashs are easy to crack with john, this has been known fora while.

    a well made algorithm on a calculator could crack the lmhash very quick.
  • cromus, on 10/12/2007, -2/+3hers how u realy crak a passwrd in windows u clik on password hint & they give u a hint on wut there passwd is & u can gess it pretty ez usualy

    works 4 me i gess
  • Fetching more discussions...
    Show 51 - 87 of 87 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.