User accounts have gone missing!

Discussion in 'alt.windows7.general' started by Yousuf Khan, Jul 25, 2010.

  1. Yousuf Khan

    Yousuf Khan Guest

    On 31/07/2010 11:52 AM, Frank wrote:
    > On 7/30/2010 11:09 PM, Yousuf Khan wrote:
    >> On 30/07/2010 7:39 PM, Frank wrote:
    >>> More likely, an operator error.

    >>
    >> Good answer, considering that there were no operators around at the time.
    >>
    >> Yousuf Khan

    >
    > Really? So your computer destroyed itself all by itself?
    > WoW! I've never heard that one before.
    > Well, maybe capin' crunch has used that excuse for his incompetence.


    You've never heard that one before? Never heard of a server before? Not
    very experienced are you?

    Yousuf Khan
     
    Yousuf Khan, Aug 1, 2010
    #21
    1. Advertisements

  2. Yousuf Khan

    Yousuf Khan Guest

    On 02/08/2010 5:42 AM, Arno wrote:
    > Well, your anti-Killfile strategy and your bad manners,
    > and arrogance show your true colors. Quite obviously nobody
    > wants to interact with you unless you pay them to. Please
    > go away now.
    >
    > Arno


    This thread is already ready for the bit-bucket. I got the answer I
    needed. The rest of this is just name-calling.

    God, who'd have thought there was somebody who made Rod Speed look like
    a gentleman? :)

    Don't reply, the thread will have already have been ignored. :)

    Yousuf Khan
     
    Yousuf Khan, Aug 3, 2010
    #22
    1. Advertisements

  3. Parko wrote:
    >
    > I've used this quite successfully in the past. Fairly straightforward
    > to use.
    > http://pogostick.net/~pnh/ntpasswd/


    These things make me nervous, since neither the NTFS file system nor the SAM
    file format is documented. I wish they'd just read the file and tell me
    what the password is instead of changing it.


    --

    Reply in group, but if emailing add one more
    zero, and remove the last word.
     
    Tom Del Rosso, Aug 8, 2010
    #23
  4. Yousuf Khan

    Sunny Bard Guest

    Tom Del Rosso wrote:

    > Parko wrote:
    >>
    >> I've used this quite successfully in the past. Fairly straightforward
    >> to use.
    >> http://pogostick.net/~pnh/ntpasswd/

    >
    > These things make me nervous, since neither the NTFS file system nor the SAM
    > file format is documented. I wish they'd just read the file and tell me
    > what the password is instead of changing it.


    That would require the password itself to be stored *in* the file, which
    it isn't, and you probably don't want to spend hours/days l0phtcracking
    it ...

    Peter's boot CD/USB is fine, as a get out of jail free card.
     
    Sunny Bard, Aug 8, 2010
    #24
  5. Yousuf Khan

    Bob I Guest

    On 8/7/2010 7:21 PM, Tom Del Rosso wrote:
    > Parko wrote:
    >>
    >> I've used this quite successfully in the past. Fairly straightforward
    >> to use.
    >> http://pogostick.net/~pnh/ntpasswd/

    >
    > These things make me nervous, since neither the NTFS file system nor the SAM
    > file format is documented. I wish they'd just read the file and tell me
    > what the password is instead of changing it.
    >


    Some security that would be.
     
    Bob I, Aug 8, 2010
    #25
  6. Yousuf Khan

    Parko Guest

    On Sat, 07 Aug 2010 20:21:19 -0400, Tom Del Rosso wrote:

    > Parko wrote:
    >>
    >> I've used this quite successfully in the past. Fairly straightforward
    >> to use.
    >> http://pogostick.net/~pnh/ntpasswd/

    >
    > These things make me nervous, since neither the NTFS file system nor the
    > SAM file format is documented. I wish they'd just read the file and
    > tell me what the password is instead of changing it.


    The password files are encrypted. It's called security.



    --
    Where's the cursor?
    Where's the eraser?
    Where's the cursor?
    Where's the eraser?
    G-O-H-O-H-O-9-O
    G-O-H-O-H-O-9-O
    G-O-H-O-H-O-9-O
    H-O-9-O-G-O-H-O
     
    Parko, Aug 8, 2010
    #26
  7. Bob I wrote:
    > The password and account ARE secure, you won't be accessing the
    > account's encrypted files with a changed or flattened password.


    So it puts the new password somewhere else? Where?

    --

    Reply in group, but if emailing add one more
    zero, and remove the last word.
     
    Tom Del Rosso, Aug 21, 2010
    #27
  8. Yousuf Khan

    Rod Speed Guest

    Tom Del Rosso wrote
    > Bob I wrote


    >> The password and account ARE secure, you won't be accessing the
    >> account's encrypted files with a changed or flattened password.


    > So it puts the new password somewhere else?


    Nope, it puts it in the same place, but encryption is a completely different process to decryption.

    In fact when checking whether the password has been entered correctly when say logging
    on, the password entered is encrypted and the encrypted form is compared with the stored
    encrypted form of the original password and if they match, the password is correct. Thats
    nothing like decrypting the stored form of the original password.

    In fact it isnt even possible to reverse some forms of encryption at all, they are one way encryptions.

    > Where?


    Same place the original was stored.
     
    Rod Speed, Aug 21, 2010
    #28
  9. Rod Speed wrote:
    > Tom Del Rosso wrote
    >> Bob I wrote

    >
    >>> The password and account ARE secure, you won't be accessing the
    >>> account's encrypted files with a changed or flattened password.

    >
    >> So it puts the new password somewhere else?

    >
    > Nope, it puts it in the same place, but encryption is a completely
    > different process to decryption.
    > In fact when checking whether the password has been entered correctly
    > when say logging on, the password entered is encrypted and the encrypted
    > form is
    > compared with the stored encrypted form of the original password and if
    > they match, the
    > password is correct. Thats nothing like decrypting the stored form of the
    > original password.
    >
    > In fact it isnt even possible to reverse some forms of encryption at
    > all, they are one way encryptions.


    Thanks. That's it then. I'm aware that there are non-reversible
    encryptions, but I didn't consider that possible, because years ago I used
    another password cracker (fee-based, from a commercial operation) to recover
    a password from a Win2k system. It required copying the sam file and
    emailing it to them. I guess they did it by brute force, until they found a
    password that created the same encrypted data. I had always assumed they
    decrypted it.


    --
    Reply in group, but if emailing add one more
    zero, and remove the last word.
     
    Tom Del Rosso, Aug 21, 2010
    #29
  10. Yousuf Khan

    Bob I Guest

    On 8/21/2010 5:48 PM, Tom Del Rosso wrote:
    > Rod Speed wrote:
    >> Tom Del Rosso wrote
    >>> Bob I wrote

    >>
    >>>> The password and account ARE secure, you won't be accessing the
    >>>> account's encrypted files with a changed or flattened password.

    >>
    >>> So it puts the new password somewhere else?

    >>
    >> Nope, it puts it in the same place, but encryption is a completely
    >> different process to decryption.
    >> In fact when checking whether the password has been entered correctly
    >> when say logging on, the password entered is encrypted and the encrypted
    >> form is
    >> compared with the stored encrypted form of the original password and if
    >> they match, the
    >> password is correct. Thats nothing like decrypting the stored form of the
    >> original password.
    >>
    >> In fact it isnt even possible to reverse some forms of encryption at
    >> all, they are one way encryptions.

    >
    > Thanks. That's it then. I'm aware that there are non-reversible
    > encryptions, but I didn't consider that possible, because years ago I used
    > another password cracker (fee-based, from a commercial operation) to recover
    > a password from a Win2k system. It required copying the sam file and
    > emailing it to them. I guess they did it by brute force, until they found a
    > password that created the same encrypted data. I had always assumed they
    > decrypted it.
    >

    FWIW, a similar "cracking" method is used against MS Office documents,
    brute force gets you some character string that provides the same
    "hashcode", it opens the file but most likely wasn't the password
    actually used.
     
    Bob I, Aug 26, 2010
    #30
  11. Yousuf Khan

    Arno Guest

    In comp.sys.ibm.pc.hardware.storage Bob I <> wrote:


    > On 8/21/2010 5:48 PM, Tom Del Rosso wrote:
    >> Rod Speed wrote:
    >>> Tom Del Rosso wrote
    >>>> Bob I wrote
    >>>
    >>>>> The password and account ARE secure, you won't be accessing the
    >>>>> account's encrypted files with a changed or flattened password.
    >>>
    >>>> So it puts the new password somewhere else?
    >>>
    >>> Nope, it puts it in the same place, but encryption is a completely
    >>> different process to decryption.
    >>> In fact when checking whether the password has been entered correctly
    >>> when say logging on, the password entered is encrypted and the encrypted
    >>> form is
    >>> compared with the stored encrypted form of the original password and if
    >>> they match, the
    >>> password is correct. Thats nothing like decrypting the stored form of the
    >>> original password.
    >>>
    >>> In fact it isnt even possible to reverse some forms of encryption at
    >>> all, they are one way encryptions.

    >>
    >> Thanks. That's it then. I'm aware that there are non-reversible
    >> encryptions, but I didn't consider that possible, because years ago I used
    >> another password cracker (fee-based, from a commercial operation) to recover
    >> a password from a Win2k system. It required copying the sam file and
    >> emailing it to them. I guess they did it by brute force, until they found a
    >> password that created the same encrypted data. I had always assumed they
    >> decrypted it.
    >>

    > FWIW, a similar "cracking" method is used against MS Office documents,
    > brute force gets you some character string that provides the same
    > "hashcode", it opens the file but most likely wasn't the password
    > actually used.


    This is possible, BTW, because the people designing this system
    did not have a clue and selected a too short hashcode.

    The whole thing is derived from Unix password handling (which is
    secure and works), but got broken in the process. No surprise when
    looking at who did this....

    Arno

    --
    Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
    GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
    ----
    Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
     
    Arno, Aug 26, 2010
    #31
  12. Yousuf Khan

    David Brown Guest

    On 22/08/2010 00:48, Tom Del Rosso wrote:
    > Rod Speed wrote:
    >> Tom Del Rosso wrote
    >>> Bob I wrote

    >>
    >>>> The password and account ARE secure, you won't be accessing the
    >>>> account's encrypted files with a changed or flattened password.

    >>
    >>> So it puts the new password somewhere else?

    >>
    >> Nope, it puts it in the same place, but encryption is a completely
    >> different process to decryption.
    >> In fact when checking whether the password has been entered correctly
    >> when say logging on, the password entered is encrypted and the encrypted
    >> form is
    >> compared with the stored encrypted form of the original password and if
    >> they match, the
    >> password is correct. Thats nothing like decrypting the stored form of the
    >> original password.
    >>
    >> In fact it isnt even possible to reverse some forms of encryption at
    >> all, they are one way encryptions.

    >
    > Thanks. That's it then. I'm aware that there are non-reversible
    > encryptions, but I didn't consider that possible, because years ago I used
    > another password cracker (fee-based, from a commercial operation) to recover
    > a password from a Win2k system. It required copying the sam file and
    > emailing it to them. I guess they did it by brute force, until they found a
    > password that created the same encrypted data. I had always assumed they
    > decrypted it.
    >


    Yes, these things are done by trial and error. Often such a company
    will have large "rainbow" tables - they take tables of likely passwords
    (such as common kids names, common pet names, misspellings of
    "password", birthdays, etc.), dictionaries, etc., and run each one
    through the password encryption algorithm. Then "cracking" the password
    is as simple as looking it up in this table. If they get a match, they
    have the original password. If not, then they need to run through
    exhaustive searches.



    If you ever have to break into a windows system again, it is a lot
    easier to use a windows password reset live CD. These don't make any
    attempt to identify the old password, but simply replace it with a known
    (blank) one. It's a lot faster and cheaper than an external company.

    If you actually need to recover the password rather than just change it
    to something you know, there are again free tools for that.
     
    David Brown, Aug 26, 2010
    #32
  13. Yousuf Khan

    Arno Guest

    In comp.sys.ibm.pc.hardware.storage David Brown <> wrote:
    > On 22/08/2010 00:48, Tom Del Rosso wrote:
    >> Rod Speed wrote:
    >>> Tom Del Rosso wrote
    >>>> Bob I wrote
    >>>
    >>>>> The password and account ARE secure, you won't be accessing the
    >>>>> account's encrypted files with a changed or flattened password.
    >>>
    >>>> So it puts the new password somewhere else?
    >>>
    >>> Nope, it puts it in the same place, but encryption is a completely
    >>> different process to decryption.
    >>> In fact when checking whether the password has been entered correctly
    >>> when say logging on, the password entered is encrypted and the encrypted
    >>> form is
    >>> compared with the stored encrypted form of the original password and if
    >>> they match, the
    >>> password is correct. Thats nothing like decrypting the stored form of the
    >>> original password.
    >>>
    >>> In fact it isnt even possible to reverse some forms of encryption at
    >>> all, they are one way encryptions.

    >>
    >> Thanks. That's it then. I'm aware that there are non-reversible
    >> encryptions, but I didn't consider that possible, because years ago I used
    >> another password cracker (fee-based, from a commercial operation) to recover
    >> a password from a Win2k system. It required copying the sam file and
    >> emailing it to them. I guess they did it by brute force, until they found a
    >> password that created the same encrypted data. I had always assumed they
    >> decrypted it.
    >>


    > Yes, these things are done by trial and error. Often such a company
    > will have large "rainbow" tables - they take tables of likely passwords
    > (such as common kids names, common pet names, misspellings of
    > "password", birthdays, etc.), dictionaries, etc., and run each one
    > through the password encryption algorithm. Then "cracking" the password
    > is as simple as looking it up in this table. If they get a match, they
    > have the original password. If not, then they need to run through
    > exhaustive searches.


    The accepted countermeasure to Rainbow Tables is salting, i.e.
    to add a non-secret random value. This increses the size of the
    Rainbow Table to infesability. As Microsoft is not familiar with
    salting, they do work there.

    > If you ever have to break into a windows system again, it is a lot
    > easier to use a windows password reset live CD. These don't make any
    > attempt to identify the old password, but simply replace it with a known
    > (blank) one. It's a lot faster and cheaper than an external company.


    I second that. I did this several times with good success and
    very reasonable effort.

    > If you actually need to recover the password rather than just change it
    > to something you know, there are again free tools for that.


    Whether that works depends strongly on the individual password
    scheme. MS is incompetent here (otherwise breaking would not
    work at all for good passwords), but even they made improvements.

    Here is an example illustratiung the "security mind-set" at Microsoft:
    http://catless.ncl.ac.uk/risks/17.12.html
    Scroll down to ''Microsoft "Bob" passwords''

    Arno
    --
    Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
    GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
    ----
    Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
     
    Arno, Aug 26, 2010
    #33
  14. Yousuf Khan

    X00btine

    Joined:
    Jun 12, 2016
    Messages:
    1
    Likes Received:
    0
    You can add a new account agin with some free registry editing programs.
     
    X00btine, Jun 12, 2016
    #34
    1. Advertisements

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads
  1. AidyD
    Replies:
    5
    Views:
    3,733
    AidyD
    Jan 7, 2010
  2. win7
    Replies:
    2
    Views:
    13,767
  3. Oldster

    User Accounts page displayed on startup.

    Oldster, Jan 9, 2010, in forum: alt.windows7.general
    Replies:
    13
    Views:
    2,927
    Oldster
    Jan 11, 2010
  4. chrisgray1497
    Replies:
    2
    Views:
    12,297
    Veedaz
    Feb 12, 2010
  5. odin the terrible

    Assistance wih User Accounts in Windows 7 64-bit

    odin the terrible, Jan 6, 2011, in forum: Windows 7 Support
    Replies:
    1
    Views:
    1,715
    TrainableMan
    Jan 11, 2011
  6. littlex
    Replies:
    10
    Views:
    6,685
    TrainableMan
    Jan 26, 2011
  7. heloego

    User Accounts

    heloego, Feb 28, 2011, in forum: Windows 7 Support
    Replies:
    4
    Views:
    1,668
    heloego
    Mar 1, 2011
  8. Bart-K

    taskbar icons 'gone but not gone'

    Bart-K, Feb 6, 2016, in forum: Windows 7 Support
    Replies:
    3
    Views:
    800
    jefboyardee
    Feb 8, 2016
Loading...