Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / password recovery (win7)

Author
Message
Virtual Nomad
Moderator
18
Years of Service
User Offline
Joined: 14th Dec 2005
Location: SF Bay Area, USA
Posted: 16th Apr 2014 17:20 Edited at: 16th Apr 2014 17:57
Link
@all,

a friend forgot her win7 password (the computer's been sitting in storage for some time) and i'm trying to help her recover it. she doesn't have her windows™ nor system repair discs (or cd key).

a quick search led me to this About article and, ultimately, to ophcrack which, the article suggests, is "by far the best free Windows password recovery tool available". i've since burned the ISO and am prepared to give it a run.

since she lives more than an hour away, i'd like to have a "plan b" on hand when i visit her later today. any suggestions?

in addition to ophcrack, the article cites the following programs (here), among others:

Offline NT Password & Registry Editor & PC Login Now - both of which make me nervous as they delete vs recover the password. i'd consider this method a last resort.

the remaining software suggested on the list aren't viable options as they require access to the admin account or (potentially) cost money.

your thoughts are appreciated.
Back to top
Profile PM Website
Indicium
15
Years of Service
User Offline
Joined: 26th May 2008
Location:
Posted: 16th Apr 2014 19:13
Link
I'd hope that if you didn't know the password then your chances of getting onto the account are nil. If that's not the case then what's the point? Do the PC manufactures not make the recovery iso freely available?


They see me coding, they hating. http://indi-indicium.blogspot.co.uk/
Back to top
Profile PM
bitJericho
21
Years of Service
User Offline
Joined: 9th Oct 2002
Location: United States
Posted: 16th Apr 2014 20:25
Link
Quote: "I'd hope that if you didn't know the password then your chances of getting onto the account are nil. If that's not the case then what's the point? Do the PC manufactures not make the recovery iso freely available?"


All locks can be broken, doesn't mean you have the house unlocked. Physical access has always been the most difficult to protect against. Windows passwords are more about remote access protection.

High quality encryption is useful for local protection.

As for your issues at hand, unless she encrypted the drive, the files are not locked if you hook the drive up to another computer. You can simply copy/paste her files off. That still leaves you with figuring out how to get a usable copy of windows 7 on there, good luck with an OEM pc. I'd recommend google.

Back to top
Profile PM Email Website
nonZero
12
Years of Service
User Offline
Joined: 10th Jul 2011
Location: Dark Empire HQ, Otherworld, Silent Hill
Posted: 16th Apr 2014 20:49
Link
There's a Linux util called "chntpw", iirc. You just install it persistent on your USB-Live.

Other options: Boot using a live CD/USB of your favourite Linux distro and copy all her files (most will be in /Users/[herAccName]/ likely) to an external and then install the GRUB bootloader (depending on the distro, you may find it easier to just install the Linux distro). Now if there is an OEM partition, Grub will pick it up next time you boot. For Win7 it often shows two Windows flavours: Windows 7 and Windows Vista (or another). Obviously the other one is the OEM partition. When you boot into it, you may have password reset options and you will have reinstall options.

Notes: I have not read any links so sorry if it has already been suggested. I had an article on win7 password recovery but I lost the bookmark. Will keep looking and if I find it, I'll post it here, too.

Hope this helps.


You're a bad man!
Back to top
Profile PM Email Website
Virtual Nomad
Moderator
18
Years of Service
User Offline
Joined: 14th Dec 2005
Location: SF Bay Area, USA
Posted: 16th Apr 2014 23:05 Edited at: 16th Apr 2014 23:07
Link
Quote: "Boot using a live CD/USB of your favourite Linux distro "

that's what ophcrack (mentioned above) does. i've burned the (linux-based) LiveCD which i'll boot from. it then goes on to recover the password (hopefully).

i'm hoping for a similar, alternate solution incase this lone program doesn't do the trick.

Quote: "the files are not locked"

i can access her files, i'm sure. i have a set-up for that but i'd like to simply reset/recover her password so she could return to using her computer, as is, and if possible.

if the ophcrack option doesn't work, i'll bring her tower home with me for further bombardment. the main issue, here, is her incovenient location from me.

one way or another, it'll be resolved. alas, i'm looking for a quick fix, first.

thanks for the feedback
Back to top
Profile PM Website
Phaelax
DBPro Master
21
Years of Service
User Offline
Joined: 16th Apr 2003
Location: Metropia
Posted: 17th Apr 2014 01:21
Link
I've personally used ophcrack many times for XP and 7. It basically works by using a brute force method with rainbow tables. Unless she had a really complex password (lots of extra special characters), it should find it fairly easily. Bypassing windows security was actually part of a networking class I had back in college, its purpose was to show once physical access is achieved, passwords mean very little.

http://zimnox.com
Back to top
Profile PM Email Website
nonZero
12
Years of Service
User Offline
Joined: 10th Jul 2011
Location: Dark Empire HQ, Otherworld, Silent Hill
Posted: 17th Apr 2014 10:46
Link
Links:
http://pogostick.net/~pnh/ntpasswd/
http://freecode.com/projects/chntpw (what I mentioned in my previous post. Should be able to just apt-get install it by now)


You're a bad man!
Back to top
Profile PM Email Website
Virtual Nomad
Moderator
18
Years of Service
User Offline
Joined: 14th Dec 2005
Location: SF Bay Area, USA
Posted: 17th Apr 2014 11:09 Edited at: 17th Apr 2014 11:10
Link
update:

ophcrack retrieved the (4-digit) password in a matter of seconds (after the liveCD boot) which turned out to be the first password she says she tried in the first place

whatever the case, she's up and running. thanks, all.
Back to top
Profile PM Website
Green Gandalf
VIP Member
19
Years of Service
User Offline
Joined: 3rd Jan 2005
Playing: Malevolence:Sword of Ahkranox, Skyrim, Civ6.
Posted: 17th Apr 2014 13:31
Link
Quote: "which turned out to be the first password she says she tried in the first place"


How many times have I heard people say that?



Powered by Free Banners
Back to top
Profile PM Email
nonZero
12
Years of Service
User Offline
Joined: 10th Jul 2011
Location: Dark Empire HQ, Otherworld, Silent Hill
Posted: 17th Apr 2014 14:49
Link
4 digit password, lol. I hope she keeps her dirty laundry on a separate encrypted disk.


You're a bad man!
Back to top
Profile PM Email Website
Indicium
15
Years of Service
User Offline
Joined: 26th May 2008
Location:
Posted: 18th Apr 2014 04:59
Link
Quote: "High quality encryption is useful for local protection."


I see. I use FileVault on my Mac so that should do the trick.


They see me coding, they hating. http://indi-indicium.blogspot.co.uk/
Back to top
Profile PM
Naphier
13
Years of Service
User Offline
Joined: 2nd Oct 2010
Location: St Petersburg, Florida
Posted: 18th Apr 2014 07:35
Link
I've used ophcrack quite a few times on clients' computers and even tested it with some more complex passwords containing symbols and upper and lower case characters. It has won every time.
Password protecting a PC is basically to keep the uninformed out. I use it as first level protection in case someone breaks into my house and steals my computer.
Second level is Prey to lock them out and get any data I can about them.
Third level is encryption on my sensitive files that aren't stored with Google.
I do wish I had a way to wipe the drives remotely. Anyone know of good options for this (that don't cost a fortune)?

I've been hoping Prey would add the feature, but they haven't.

Napland Games Facebook Play Wordspionage
Back to top
Profile PM Email Website
bitJericho
21
Years of Service
User Offline
Joined: 9th Oct 2002
Location: United States
Posted: 18th Apr 2014 18:56
Link
Quote: "I do wish I had a way to wipe the drives remotely. Anyone know of good options for this (that don't cost a fortune)? "


I would use remote desktop, though there are ssh servers for windows: http://serverfault.com/questions/8411/what-is-a-good-ssh-server-to-use-on-windows

From there you can run whatever tool you like to erase drives.

You could also do it via PHP/Apache or a bunch of other ways. Perhaps a plugin for pidgean. Send yourself just the right coded message and the computer goes *poof*.

Back to top
Profile PM Email Website
Green Gandalf
VIP Member
19
Years of Service
User Offline
Joined: 3rd Jan 2005
Playing: Malevolence:Sword of Ahkranox, Skyrim, Civ6.
Posted: 19th Apr 2014 00:18
Link
Quote: "Send yourself just the right coded message and the computer goes *poof*."


I don't seem to need a message for that.



Powered by Free Banners
Back to top
Profile PM Email
Back to top

Login to post a reply

Server time is: 2024-04-27 18:21:36
Your offset time is: 2024-04-27 18:21:36