Penetration Testing mailing list archives
RE: Offline NT/2000 Registry & Password Editor
From: Frank Knobbe <FKnobbe () KnobbeITS com>
Date: Mon, 11 Jun 2001 15:16:39 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-----Original Message----- From: Hostfarm Security [mailto:security.lists () hostfarm net] Sent: Monday, June 11, 2001 7:43 AM Anyone else use this utility instead of trying to lookup the passwords with L0phtCrack? http://home.eunet.no/~pnordahl/ntpasswd/
Yup. It's a great tool. Requires physical access though. And a word of caution: If SysKey was enabled on the server, it will remove SysKey, and with it all other passwords. So, if you need to grab an account from a production server, and SysKey is enabled and you don't want to reset a gazillion accounts, use l0phtcrack instead. If there are only a few local machine accounts (for services), this Linux boot disk can save the day quickly. Regards, Frank -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.8 Comment: PGP or S/MIME encrypted email preferred. iQA/AwUBOyUnJ5ytSsEygtEFEQL0FACcDKshdoRiyU6RAbWODLVo+6NV0FIAnAyZ g2UYE+BIfBCuhPipHFLUkuOE =P0l1 -----END PGP SIGNATURE-----
Current thread:
- RE: Offline NT/2000 Registry & Password Editor Frank Knobbe (Jun 11)
- <Possible follow-ups>
- RE: Offline NT/2000 Registry & Password Editor Brewis, Mark (Jun 12)