on 1/24/2008 6:10 AM Scott Ehrlich spake the following:
Granted this is not a UNIX system, but in case there is a UNIX tool to accomplish the goal...XP passwords are stored as hashes. You need to brute-force guess and compare the created hashes to the stored ones. If the user has the same password stored in programs like outlook express, that is much easier.I am looking for a bootable CD/DVD (or application to be placed on a CD/DVD to be made bootable) that can let me mount a Windows XP drive/partition (SP1 or SP2), and force-crack the admin password (even if admin account name has been changed, but I know what it has been changed to). The application cannot write to the hard drive - only mount it read-only, read the password file into ram, and show the cracked password.I know I can use the pnordahl utility to try and force-change the password, but I actually want to crack it.The utility should be free. This is a legal request. Thanks for leads. Scott
But forensically, changing the password to gain access is usually sufficient. Knowing the original password is not that valuable in a legal scenario, as you will need a warrant anyway to access anything else that might be protected by that password.
If it is that critical, find a certified PC forensics specialist. One misstep on your part will make the evidence worthless in court.
-- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos