User accounts have gone missing!

On 31/07/2010 11:52 AM, Frank wrote:
> On 7/30/2010 11:09 PM, Yousuf Khan wrote:
>> On 30/07/2010 7:39 PM, Frank wrote:
>>> More likely, an operator error.
>>
>> Good answer, considering that there were no operators around at the time.
>>
>> Yousuf Khan
>
> Really? So your computer destroyed itself all by itself?
> WoW! I've never heard that one before.
> Well, maybe capin' crunch has used that excuse for his incompetence.

You've never heard that one before? Never heard of a server before? Not
very experienced are you?

Yousuf Khan

On 02/08/2010 5:42 AM, Arno wrote:
> Well, your anti-Killfile strategy and your bad manners,
> and arrogance show your true colors. Quite obviously nobody
> wants to interact with you unless you pay them to. Please
> go away now.
>
> Arno

This thread is already ready for the bit-bucket. I got the answer I
needed. The rest of this is just name-calling.

God, who'd have thought there was somebody who made Rod Speed look like
a gentleman?

Don't reply, the thread will have already have been ignored.

Yousuf Khan

Parko wrote:
>
> I've used this quite successfully in the past. Fairly straightforward
> to use.
> http://pogostick.net/~pnh/ntpasswd/

These things make me nervous, since neither the NTFS file system nor the SAM
file format is documented. I wish they'd just read the file and tell me
what the password is instead of changing it.


--

Reply in group, but if emailing add one more
zero, and remove the last word.

Tom Del Rosso wrote:

> Parko wrote:
>>
>> I've used this quite successfully in the past. Fairly straightforward
>> to use.
>> http://pogostick.net/~pnh/ntpasswd/
>
> These things make me nervous, since neither the NTFS file system nor the SAM
> file format is documented. I wish they'd just read the file and tell me
> what the password is instead of changing it.

That would require the password itself to be stored *in* the file, which
it isn't, and you probably don't want to spend hours/days l0phtcracking
it ...

Peter's boot CD/USB is fine, as a get out of jail free card.

On 8/7/2010 7:21 PM, Tom Del Rosso wrote:
> Parko wrote:
>>
>> I've used this quite successfully in the past. Fairly straightforward
>> to use.
>> http://pogostick.net/~pnh/ntpasswd/
>
> These things make me nervous, since neither the NTFS file system nor the SAM
> file format is documented. I wish they'd just read the file and tell me
> what the password is instead of changing it.
>

Some security that would be.

On Sat, 07 Aug 2010 20:21:19 -0400, Tom Del Rosso wrote:

> Parko wrote:
>>
>> I've used this quite successfully in the past. Fairly straightforward
>> to use.
>> http://pogostick.net/~pnh/ntpasswd/
>
> These things make me nervous, since neither the NTFS file system nor the
> SAM file format is documented. I wish they'd just read the file and
> tell me what the password is instead of changing it.

The password files are encrypted. It's called security.



--
Where's the cursor?
Where's the eraser?
Where's the cursor?
Where's the eraser?
G-O-H-O-H-O-9-O
G-O-H-O-H-O-9-O
G-O-H-O-H-O-9-O
H-O-9-O-G-O-H-O

Bob I wrote:
> The password and account ARE secure, you won't be accessing the
> account's encrypted files with a changed or flattened password.

So it puts the new password somewhere else? Where?

--

Reply in group, but if emailing add one more
zero, and remove the last word.

Tom Del Rosso wrote
> Bob I wrote

>> The password and account ARE secure, you won't be accessing the
>> account's encrypted files with a changed or flattened password.

> So it puts the new password somewhere else?

Nope, it puts it in the same place, but encryption is a completely different process to decryption.

In fact when checking whether the password has been entered correctly when say logging
on, the password entered is encrypted and the encrypted form is compared with the stored
encrypted form of the original password and if they match, the password is correct. Thats
nothing like decrypting the stored form of the original password.

In fact it isnt even possible to reverse some forms of encryption at all, they are one way encryptions.

> Where?

Same place the original was stored.

Rod Speed wrote:
> Tom Del Rosso wrote
>> Bob I wrote
>
>>> The password and account ARE secure, you won't be accessing the
>>> account's encrypted files with a changed or flattened password.
>
>> So it puts the new password somewhere else?
>
> Nope, it puts it in the same place, but encryption is a completely
> different process to decryption.
> In fact when checking whether the password has been entered correctly
> when say logging on, the password entered is encrypted and the encrypted
> form is
> compared with the stored encrypted form of the original password and if
> they match, the
> password is correct. Thats nothing like decrypting the stored form of the
> original password.
>
> In fact it isnt even possible to reverse some forms of encryption at
> all, they are one way encryptions.

Thanks. That's it then. I'm aware that there are non-reversible
encryptions, but I didn't consider that possible, because years ago I used
another password cracker (fee-based, from a commercial operation) to recover
a password from a Win2k system. It required copying the sam file and
emailing it to them. I guess they did it by brute force, until they found a
password that created the same encrypted data. I had always assumed they
decrypted it.


--
Reply in group, but if emailing add one more
zero, and remove the last word.

On 8/21/2010 5:48 PM, Tom Del Rosso wrote:
> Rod Speed wrote:
>> Tom Del Rosso wrote
>>> Bob I wrote
>>
>>>> The password and account ARE secure, you won't be accessing the
>>>> account's encrypted files with a changed or flattened password.
>>
>>> So it puts the new password somewhere else?
>>
>> Nope, it puts it in the same place, but encryption is a completely
>> different process to decryption.
>> In fact when checking whether the password has been entered correctly
>> when say logging on, the password entered is encrypted and the encrypted
>> form is
>> compared with the stored encrypted form of the original password and if
>> they match, the
>> password is correct. Thats nothing like decrypting the stored form of the
>> original password.
>>
>> In fact it isnt even possible to reverse some forms of encryption at
>> all, they are one way encryptions.
>
> Thanks. That's it then. I'm aware that there are non-reversible
> encryptions, but I didn't consider that possible, because years ago I used
> another password cracker (fee-based, from a commercial operation) to recover
> a password from a Win2k system. It required copying the sam file and
> emailing it to them. I guess they did it by brute force, until they found a
> password that created the same encrypted data. I had always assumed they
> decrypted it.
>
FWIW, a similar "cracking" method is used against MS Office documents,
brute force gets you some character string that provides the same
"hashcode", it opens the file but most likely wasn't the password
actually used.