Re: [NTLK] newtontalk Digest V9 #114

From: Arnold DeRoy <>
Date: Sun Mar 15 2009 - 08:09:32 EDT

Hello Newtontalk,

Sunday, March 15, 2009, 6:27:57 AM, you wrote:

> Date: Sat, 14 Mar 2009 23:13:31 -0400
> From: Dan <>
> Subject: Re: [NTLK] NBU, NCK et al: Beware of Windows XP >restore points

> I did know you could get a hold of such a tool and I am >sure I have one
> around here. But have never had such a problem with >restore points
> totally corrupting the passwords. I have done many >rollbacks but never
> had that problem occur.

> But I also didn't know that MICROSOFT actually said "here >this is how
> you erase your passwords". Talk about security (NOT). >Really a shame.

Sorry to get into this rather late. What most WinXP users end up doing is: download and boot Ophcrack from CD. It is a linux boot that will crack most passwords for Win2K and above.

If on a Domain not a 'home' system, anyone with Admin privileges can change the password. All 'encrypted' stores via the builtin OS commands will allow the new user/password without problems.

OphCrack --
Takes 15-20 minuntes and will display all users and the passwords. Even allows you to change.

What is ophcrack?

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
» Runs on Windows, Linux/Unix, Mac OS X, ...
» Cracks LM and NTLM hashes.
» Free tables available for Windows XP and Vista.
» Brute-force module for simple passwords.
» Audit mode and CSV export.
» Real-time graphs to analyze the passwords.
» LiveCD available to simplify the cracking.
» Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
» Free and open source software (GPL).

Don't think of the problem, think of the solution.
The NewtonTalk Mailing List -
The Official Newton FAQ     -
The Newton Glossary         -
WikiWikiNewt                -
Received on Sun Mar 15 08:25:52 2009

This archive was generated by hypermail 2.1.8 : Sun Mar 15 2009 - 13:30:00 EDT