Phone rang yesterday. I guy I used to work for. Nice bloke, who has the unfortunate tendency to let his business associates run rings around him. After I left his employ, they ran one too many rings around him, and sent his company into administration and my former colleagues unemployed. Shame.
Anyway he said he was trying to get some of his old projects up and running again, and had got hold of some the old NT servers.
And was wondering what the passwords on them were.
Oh jeez. I left this company five years ago, and I wasn’t the main systems admin dude then. I recall the systems dude forgetting a password one time and having to reformat the machine… I get the feeling those NT passwords are pretty secure. (Though maybe he can plug the hard-drives into another machine?)
I had a wild guess at [company name] 01. He said he’d try it. And I took his contact number, promised I’d have a have a think and get back to him if I had any brain-waves.
And I wished him luck. I think he’ll need it.
6 replies on “Blast from the past”
This entry reminds me of the times I’ve lost data due
to an NT installation or Windows 2000 encryption key becoming corrupt.
I’ve heard of NTpasswd, Jack the Ripper, LC 5, and Cain & Abel were pretty god tools
Lophtcrack is pretty good, but for any of these crackers you need the password file first, I’ve got great mileage from ntfsdos, a little utility that will mount an NTFS partion from a dos boot floppy. it’s read only but lets you get at the files you want. There is a version for sale that gives you read/write access but get the freebie, it’s all you need for this.
you can download it here
http://www.sysinternals.com/ntw2k/freeware/NTFSDOS.shtml
Very cool Pete.
Before I saw this, I suggested to him that he plug the drives into another PC. Assuming the lost password is protecting the Windows logon, not encryption on the drive, that should be enough for him to get his data.
http://home.eunet.no/~pnordahl/ntpasswd/ will recover the local admin password.
http://www.petri.co.il/forgot_administrator_password.htm has links to other tools and has procedures for recovering AD passwords under 2000 and 2003.
Cheers,
Paul
Boot the NT machine with a Linux Live CD, and mount the disk and collect the data that’s on the disk!