I got to be a hero yesterday, for something that I’m not particularly proud of: Recovering a lost password in Windows XP.
I’d tell you the context but you wouldn’t believe it anyway. Suffice to say that this isn’t the first time I’ve had to find a password for this particular person.
The revelation for me, though, was how frighteningly easy it was to get passwords for the entire system, and how quickly it was finished.
I used Ophcrack in its low-RAM version, which runs with Slitaz (yay Slitaz!) as its foundation. There are other versions on the same ISO though.
With this machine and the host system mounted as an external drive, it scrounged all the passwords for every account — including accounts the owner didn’t even know about — in about a minute and a half. 😯
I am amazed, dismayed and chagrined, all at once.
I am not a security person. Security and passwords and encryption and things like that are just not interesting. I know, I should be more security-minded, but it’s all very ho-hum to me.
At the same time I am reminded of something I was told a long, long time ago … that if the physical security of a computer is compromised, all bets are off.
For me, yesterday was a good example of that. 😐
That’s just scary… Plain and simple…
I swear by konboot: http://www.piotrbania.com/all/kon-boot/
I know there are other ways to just reset a password with a Linux CD (I can’t find the exact method I’ve used, :S). Either way, I’d imagine it’d be easier than cracking it.
What are you talking about?
Ophcrack is done in under a few minutes. I use it when people forget to tell me their passwords and I need to work on their machine. Most people don’t have a password for the admin account anyway, so just boot into safe-mode, reset their password and you’re away.
Windows “Security” is a joke.
Regardless, konboot takes no time and removes the password entirely.
I hope your passwords are greater than 15 characters. In WinXP, when the password is greater than 15 characters, it uses NTLM hashes (http://en.wikipedia.org/wiki/NTLM).