Accueil arrow Forum
Menu principal
Accueil
Rechercher
Télécharger
Downloads A-Z
Forum
Sondage
Password par défaut
Générer Password
Tester Password
Web Password
Le Livre d'or
Lettre d'information
Partenaires
Indiquer le site
Plan du site
Sondage
Changement de votre mot de passe ?

Merci de votre aide à PasswordOne

Merci beaucoup pour votre don, et votre aide.

Message du Livre d'or
ZaZa
Ok poupée, j'aurai ton mot de passe ! 
Merci PasswordOne
PasswordOne
des remèdes à vos mots de passe !
 
  FAQFAQ    RechercherRechercher  S'enregistrerS'enregistrer 
   ConnexionConnexion 

TUTORIAL NT Password recovery

 
Poster un nouveau sujet   Répondre au sujet    PasswordOne Index du Forum -> Microsoft Windows
Voir le sujet précédent :: Voir le sujet suivant  
Auteur Message
hdd_killer



Inscrit le: 10 Avr 2007
Messages: 18

blank.gif
MessagePosté le: 23 Avr 2007 15:35    Sujet du message: TUTORIAL NT Password recovery Répondre en citant

Bon, ben , j'avais la flemme de le faire et j'ai enfin trouvé le tuto qui détaile tout la procédure...elle est pas belle la vie ?

---------------------------------------------------------------------------------------

Plutôt que de grande explications, voici la manipulation type. Comme vous allez pouvoir le voir, il suffit de se laisser guider. La manipulation prend entre 2 et 5 minutes.

****************************************************************
* This utility will enable you to change the password of almost
* any user (incl. administrator) on an Windows NT/2k/XP installation
* WITHOUT knowing the old password.
*
* The program is now able to actually parse/follow the internal
* registry structure completely.
* There is now support for adding and deleting keys and values.
* Tested on: NT3.51 & NT4: Workstation, Server, PDC.
* Win2k Prof & Server to SP3. Cannot change AD.
* XP Home & Prof: up to SP1
* Now also works with syskey, read warnings if applicable.
*
* You may either let the scripts try to figure out your configuration,
* or you may do it manually from the shell prompts.
*
* Good luck!

Press return/enter to continue Enter
* In /etc/main.rc....
Calling scsi.rc to probe for SCSI controllers
Mounting floppy to fetch drivers from /scsi on it
SCSI-drivers found on floppy:

BusLogic.o.gz aic7xxx.o.gz

Do you have your NT disks on a SCSI controller?
y - this will autoprobe for the driver
n - no, skip SCSI, I have IDE drives
or give the scsi-driver modules name (without the .o or .gz)
+ optional parameters to go directly for a known driver

Probe for SCSI-drivers: [n]Enter

Calling part.rc to select partition
Partitions found on the disk(s):
Device Boot Start End Blocks Id System
/dev/hda1 * 1 1859 14932386 7 HPFS/NTFS

Probable NT partitions:
/dev/hda1 * 1 1859 14932386 7 HPFS/NTFS
Wnat partition contains your NT installation?
[/dev/hda1] : Enter

FAT: Did not find valid FSINFO signature.
Found signature1 0x66024a1e signature2 0xc88b6602 sector=4.
VFS: Can't find a valid FAT filesystem on dev 03:01.
mount: wrong fs type, bad option, bad superblock on /deb/hda1,
or too many mounted fil systems
/dev/hda1 is NTFS.
Trying to mount as readwrite on /mnt
NTFS volume version 3.0.
Success. Mounted NTFS /deb/hda1 on /mnt
Calling path.rc. to select path
What is the full path to the registry directory?
[winnt/system32/config] : Enter
-rw------- 1 0 0 65536 Jan 15 09:00 AppEvent.Evt
-rw------- 1 0 0 65536 Jan 15 09:00 default
-rw------- 1 0 0 65536 Jan 15 09:00 default.LOG
-rw------- 1 0 0 65536 Jan 15 09:00 default.sav
-rw------- 1 0 0 65536 Jan 15 09:00 netlogon.ftl
-rw------- 1 0 0 65536 Jan 15 09:00 SAM
-rw------- 1 0 0 65536 Jan 15 09:00 SAM.LOG
-rw------- 1 0 0 65536 Jan 15 09:00 SecEvent.Evt
-rw------- 1 0 0 65536 Jan 15 09:00 SECURITY
-rw------- 1 0 0 65536 Jan 15 09:00 SECURITY.LOG
-rw------- 1 0 0 65536 Jan 15 09:00 software
-rw------- 1 0 0 65536 Jan 15 09:00 software.LOG
-rw------- 1 0 0 65536 Jan 15 09:00 software.sav
-rw------- 1 0 0 65536 Jan 15 09:00 SysEvent.Evt
-rw------- 1 0 0 65536 Jan 15 09:00 system.sav
-rw------- 1 0 0 65536 Jan 15 09:00 TempLey.LOG
-rw------- 1 0 0 65536 Jan 15 09:00 userdiff
-rw------- 1 0 0 65536 Jan 15 09:00 userdiff.LOG
Which hives (files) do you want to edit (leave default for
password setting, separate multiple names with spaces)
[sam system security] : Enter
Copying sam system security to /tmp

Now running chntpw
chntpw version 0.99.0 030112, (c) Petter N Hagen
Hive's name (from header) (\SystemRoot\System32\Config\Sam)
ROOT KEY at offset: 0x001020

File size 32768 [8000] bytes, containing 7 pages (+ 1 headerpage)
Used, for data: 319/26472 blocks/bytes, unused: 6/1976 blocks/bytes.
Hive's name (from header): (SYSTEM)
ROOT KEY at offset: 0x001020

File size 2555904 [270000] bytes, containing 584 pages (+ 1 headerpage)
Used, for data: 44209/2524072 blocks/bytes, unused: 19/9048 blocks/bytes.
Hive's name (from header): (SYSTEM)
ROOT KEY at offset: 0x001020

File size 49152 [c000] bytes, containing 11 pages (+ 1 headerpage)
Used, for data: 859/42568 blocks/bytes, unused: 5/2136 blocks/bytes.
Hello, this is SAM!
Failed logins before lockout is : 0
Minimum password length : 0
Password history count : 0

()========() chntpw Main Interactive Menu ()========()
Loaded hives: (sam) (system) (security)
1 - Edit user data and passwords
2 - Syskey status & change
- - -
9 - Registry editor, now with full write support!
q - Quit (you will be asked if there is something to save)

What to do? [1] -> Enter

==== chntpw Edit User Info & Passwords ====

RID: 03f2, Username: (ACTUser)
RID: 03f2, Username: (Administrateur)
RID: 03f2, Username: (Guest), disabled or locked*
RID: 03f2, Username: (hoge)

Select: ! - quit, . - list users, 0x(RID) - User with RID (hex)
or simple enter the username to change: [Administrateur] Enter
RID : 032f
Username: Administrator
fullname:
comment :
homedir :

Account bits: 0x0215 =
[ ] Disabled | [ ] Homedir req. | [ ] passwd not req. |
[ ] Temp. duplicate | [X] Normail account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[X] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |

Failed login count: 0, while max tries is : 0
Total login.count: 7
Account is disabled
Crypted NT pw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Crypted LM pw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
MD4 hash : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
LANMAN hash : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

* = blank the password (EXPERIMENTAL! but may fix problems)
Enter nothing to leave it unchanged
Please enter new password: *

Blanking password. This may actually fix things if previous password-preset
did not work. Or it may even make things worse. Happy joy!

Do you really wish to change it? (y/n) [n] y

Select: ! - quit, . - list users, 0x(RID) - User with RID (hex)
or simple enter the username to change: [Administrateur] !

()========() chntpw Main Interactive Menu ()========()
Loaded hives: (sam) (system) (security)
1 - Edit user data and passwords
2 - Syskey status & change
- - -
9 - Registry editor, now with full write support!
q - Quit (you will be asked if there is something to save)

What to do? [1] -> q

Hives that have changed:
# Name
0 (sam)
Write hive files? (y/n) [n] : y
Calling write.rc to select write back sam file
About to write file(s) back! Do it? [n] y

Writing sam
* end of scripts.. returning to the shell..
* Press CTRL-ALT-DELL to reboot now (remove floppy first)
* or do whatever you want from the shell..
* However, if you mount something, remember to umount before reboot
* You may also restart the script procedure with 'sh /scripts/main.rc'
#



Merci à http://www.lapagedujour.com/


Lien d'origine: http://www.lapagedujour.com/articles/hack-de-mot-de-passe-administrateur-windowsXP.html

Wink
Revenir en haut de page
Voir le profil de l'utilisateur Envoyer un message privé Envoyer un e-mail
Montrer les messages depuis:   
Poster un nouveau sujet   Répondre au sujet    PasswordOne Index du Forum -> Microsoft Windows Toutes les heures sont au format GMT + 1 Heure
Page 1 sur 1

 
Sauter vers:  
Vous ne pouvez pas poster de nouveaux sujets dans ce forum
Vous ne pouvez pas répondre aux sujets dans ce forum
Vous ne pouvez pas éditer vos messages dans ce forum
Vous ne pouvez pas supprimer vos messages dans ce forum
Vous ne pouvez pas voter dans les sondages de ce forum
Vous ne pouvez pas joindre de fichiers dans ce forum
Vous ne pouvez pas télécharger de fichiers dans ce forum


En ligne
Il y a actuellement 5 invités en ligne
Login
Nom d'utilisateur

Mot de passe

Se souvenir de moi
Mot de passe oublié ?
Pas encore de compte ? Enregistrez-vous
Ajouter / Partager
Membres actifs
3032 enregistrés
0 Aujourd hui
0 Cette semaine
223 Ce mois-ci
Dernier: sbeur66
Webmestre
Site en Favoris
Page en Favoris
Page de démarrage
Imprimer la Page
Fils d'information
Google
PasswordOne QR Code
© 2017 PasswordOne : des remèdes à vos mots de passe !
Joomla! est un logiciel libre distribué sous licence GNU/GPL.
Designed by PasswordOne | Mentions légales
*** Partenaires : GuaPDF | Vision Budget | Blog PasswordOne | annuaire gratuit | Kommunauty | ***