W2K password hacker

[dellboy]

Does anyone know of a W2k password cracker that you can run from boot on a stand alone machine. I need to get into a local machine and no one knows the local admin password. I know that L0phtcrack worked on NT4 but doesn't appear to work on W2k unless you have access to the machine which is pretty useless.

Any help appreciated

Cheers

 

[kupo]

Hi there.
Asking that kinda question here is like asking "How to hack"

I put a file on my http server you might be able to use

http://212.30.195.58/temp/NTRecovery-DMZS.iso

I do now know if this file works, but it is supposed to bootable [from a floppy or cdrom, i'm not sure]

Download it, you can find a ISO writer on

http://www.cnet.com

thro i don't remember it's name at the moment.

Pleace let me know if this program works or not, i've never tryed it my self If your looking for something and you can't find what your looking for, try searching where you think you won't find what your looking for.

 

[faceh]

There is a program that allows you to capture Win2K passwords via lan and locally its called LC3 download it at

http://www.atstake.com/research/lc3/download.html

 

[LCannon]

Got this from TechRepublic,

http://www.techrepublic.com.

It might help.

What to do if you forget your admin password, part 1

With all the information administrators process daily, it's no wonder that passwords are forgotten sometimes. If you choose not to (or can't) assign yourself a new password, you have several options.

First, if you have Windows 2000 installed on a FAT or FAT32 partition, you can use a DOS or Windows 9x boot disk to boot the computer and then delete the SAM file in the \windows\system32\config folder. (This file stores all users and their passwords defined on the local computer; if you delete it, you'll delete all local users with it.) After you restart the machine, you'll be able to use Administrator username with a blank password. Note: Remember that you'll lose all user accounts defined on this machine.

If Windows 2000 is installed on an NTFS partition, you have two options--both of which require a bit of work. One option is to use a utility that allows you to read/write on an NTFS partition, such as NTFSDOS from Winternals. You can then use a DOS or Windows 9x bootable floppy to boot the computer and delete the SAM file.

Or you can delete the SAM file from another instance of Windows 2000 if you don't want to fool with old bootable floppies. This requires you to install a temporary instance of Windows 2000 on the same computer and delete the file from there. After you log on to your original installation, you can remove the temporary one.

There's a slightly different method you can try if you don't want to lose all your existing user accounts. By default, Windows 2000 starts a special screen saver (located in Logon.scr) when no one logs on for a certain period of time. If you rename Cmd.exe to Logon.scr, the system will open the command prompt under the system account instead of the screen saver.

Once you get the command prompt, type net user administrator mynewpassword, where mynewpassword is the password you want to assign to the administrator account. You won't have problems copying Cmd.exe to Logon.scr if you have FAT/FAT32, but with NTFS, you'll have to come up with something else (e.g., a new parallel installation of Windows 2000).