Accessing Vista without a password

**MJM** · #1 24th Aug 2008, 12:38 PM

Basically a friend of mine changed her password. Then she went on holidays and forgot what she changed her password to.
Now I know Vista has a Adminstrator account and I know it doesn't have a password since ophcrack tells me so, but I can't figure out how the hell to access the account. Google gives me results of having to enable it first - is that true? If so, that is one of the most stupid security features known to man.
If all else fails I'll have to find software to reset the password to something else... the only problem would be that she'd lose to weeks of work on her thesis.

**Dave Hybrid** · #2 24th Aug 2008, 12:53 PM

Ophcrack should give you the pw to the personal account anyway?

**Mike0001** · #3 24th Aug 2008, 01:12 PM

or Ophcrack? You may have to leave it running a long time. Overnight will crack 9-10 chars.

Has the 7+7 bug in Windoze security been fixed yet?

(ie, that a 14 char password is just two 7 char passwords that can be attacked independently?)

**MJM** · #4 24th Aug 2008, 01:52 PM

WinXP still has 7+7.

Ophcrack is not giving out the password, says not found. It's from the live cd and that may be why. I know the company behind it sells better rainbow tables, but I'm not spending a hundred on that.

I have the NTHash so I'll try some other sites and possibly Cain as well before resetting the password, but it would all be easier if we could just access the admin account, so anyone know anything about that?

**Dave Hybrid** · #5 24th Aug 2008, 01:55 PM

http://www.google.co.uk/search?hl=en...e+Search&meta=

At first glance it appears it can only be activated via a working profile, but have a read.

**serverguy** · #6 24th Aug 2008, 02:11 PM

You can't use the Administrator account unless you've previously enabled it so it is pretty pointless having it TBH.

What you need is the Offline NT Admin Password Reset Disk.

It works an absolute treat. Just flipping impossible to find in Google.

Edit: I see you mention she will loose work if your reset the password? Why do you think this will be the case?

**MJM** · #7 24th Aug 2008, 03:06 PM

Taken from the site directly:

DANGER WILL ROBINSON!
If used on users that have EFS encrypted files, and the system is XP or Vista, all encrypted files for that user will be UNREADABLE! and cannot be recovered unless you remember the old password again If you don't know if you have encrypted files or not, you most likely don't have them. (except maybe on corporate systems)

Yeah, she enabled that. Don't ask me why. She has a backup of the thesis, but it's about two weeks old.

P.S.: I found that site via Google... well actually I found a backup server or something (http://ntpass.blaa.net/).

**serverguy** · #8 24th Aug 2008, 03:11 PM

Originally Posted by MJM

Taken from the site directly:

DANGER WILL ROBINSON!
If used on users that have EFS encrypted files, and the system is XP or Vista, all encrypted files for that user will be UNREADABLE! and cannot be recovered unless you remember the old password again If you don't know if you have encrypted files or not, you most likely don't have them. (except maybe on corporate systems)

Yeah, she enabled that. Don't ask me why. She has a backup of the thesis, but it's about two weeks old.

P.S.: I found that site via Google... well actually I found a backup server or something (http://ntpass.blaa.net/).

Ahh OK. Stupid question...why one earth did she enable it?

Well, your only option is a brute force attack with one of the programs already mentioned or just resetting the password.

I never seem to be able to find this site easily... maybe I just always use the wrong keywords.

**MJM** · #9 24th Aug 2008, 03:14 PM

Because she thought she needed to. It's her PhD and I guess she wanted to feel that it's "secure".

**serverguy** · #10 24th Aug 2008, 04:21 PM

Originally Posted by MJM

Because she thought she needed to. It's her PhD and I guess she wanted to feel that it's "secure".

Which is why you should always back up the certificates if you're going to encrypt it.

Oh well.

Any luck with the brute force?

**MJM** · #11 24th Aug 2008, 05:06 PM

Well, she's not that smart when it comes to computers.

The brute force is failing... I put into an irc channel (#rainbowcrack on irc.plain-text.info) since ophcrack failed, but nothing's come out of that yet, so it looks unlikely.

**Bubba** · #12 25th Aug 2008, 03:13 PM

Brute force and ignorance, the US Marine Corps motto lol. (I can say that and get away with it, trust me lol). On the other hand, we in the Army liked to try methods with a bit more finesse lol.
Try this link and if it doesn't help you and you can't find a tutorial at the same place to help you let me know. This will teach you how to reset your passwords and if you follow these instructions you should have no problems.

http://www.vistax64.com/tutorials/10...-password.html

Side note: Thanks Dave, I really don't know what I did there and didn't want a repeat here.

**Mike0001** · #13 26th Aug 2008, 03:45 AM

It is one thing to enable the security for encrypted files. It is another to actually create those files. Did she actually create encrypted files?

**serverguy** · #14 26th Aug 2008, 05:28 AM

I assume she just encrypted a folder or something like this:

http://www.petri.co.il/what%27s_efs.htm

**Mike0001** · #15 26th Aug 2008, 02:11 PM

Originally Posted by serverguy