Wednesday, September 07, 2005

Password Recovery

First off. DO NOT use this information for bad. I have had several requests for information on how to restore a forgotten password. I also accept no responsibility for what this information could do in the wrong hands. Use your best judgement people!

First, let's start with the basics. Windows stores password hashes in the HD:\windows\system32\config\ directory, in a file called SAM.

By default, Windows XP saves two hashes of each password: the NT hash and the LM hash. The LM, or LAN Manager, hash is incredibly easy to crack with programs like John and LC5. That's not good!

So, to disable the saving of this worthless hash, open your registry editor, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa and set the value "NoLMHash" to "1". This stops Windows from storing the LM hash, making your password much harder to crack.
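The same change, done from a script so you can audit a machine before and after. This is an added example, not something from the original post; it assumes you run it from an elevated (Administrator) PowerShell prompt. Two things worth knowing: on Windows XP the NoLMHash value does not exist until you create it (as a DWORD), and setting it only affects passwords set from that point on, so each account keeps its existing LM hash until its password is changed.

```powershell
# Added example (not from the original post): audit and enforce NoLMHash.
# Assumes an elevated PowerShell session on the machine being hardened.
$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

function Get-NoLMHash {
    # Returns the current NoLMHash value, or $null if the value has not been
    # created yet (the default state on Windows XP).
    $props = Get-ItemProperty -Path $lsaKey -ErrorAction Stop
    if ($null -eq $props.NoLMHash) { return $null }
    return [int]$props.NoLMHash
}

function Set-NoLMHash {
    # Creates the DWORD if it is missing and sets it to 1 so that LM hashes
    # are no longer stored for newly set passwords. -Force overwrites an
    # existing value of the same name.
    New-ItemProperty -Path $lsaKey -Name 'NoLMHash' -PropertyType DWord -Value 1 -Force | Out-Null
}

$current = Get-NoLMHash
if ($current -eq 1) {
    Write-Output 'NoLMHash is already 1: LM hashes are not stored for new passwords.'
} else {
    Write-Output "NoLMHash is currently '$current'; setting it to 1."
    Set-NoLMHash
    Write-Output 'Done. Accounts keep their existing LM hash until their password is next changed.'
}
```

Because of that last point, a password change on every local account is the step that actually purges the LM hashes already sitting in the SAM.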

Now, onto the interesting stuff. The first thing you're going to have to do is download a program that will let you get hold of your SAM file without booting Windows.
-Head on over to www.knoppix-std.org and follow the links to download the .iso image of the knoppix-std live Linux CD.

After burning the .iso onto a CD, insert the CD into your CD-ROM drive and restart your machine. Let Knoppix load (it will override your BIOS passwords) and start your shell by pressing Alt+F5. Navigate to the folder holding your SAM file, and copy the SAM to a cheap USB thumb drive.

Now, you're going to have to get to a different computer, or log into a different account, and run SAMInside to yank out the hash, and then crack that hash using LC5 or a similar program.

So, there's your crash course. I'm still learning a lot about the Linux command line, so we can go through this together!

-out.