ok, here is the scenerio, i have an nt4 box with a network connection and scsi bus. i have physical access to the machine and a user account. admin accounts exist but do not have the password. how can i get adim access to this machine?

Try this:

http://home.eunet.no/~pnordahl/ntpasswd/

I used the bootable CD version and it worked great for me. I have also used the floppy version in the past with success.

not to be a boyscout or anything, but last time i checked, it was against the rules to talk about hacking/cracking & other things of that nature...
http://forum.oc-forums.com/vb/showthread.php?s=&threadid=115345

i believe this one falls under #6
:rolleyes:

you guys have been here long enough to know better than that...

this is totally legit, im doing it at work with my boss helping me. we have to get this thing done.

This tool requires you to have physical access to the machine in order to run it. This condition alone implies that you are authorized to access the machine and thus is more likely a legit activity rather then a malicious hacking attempt.

There are plenty of legit uses for this tool, and although it may be misconstrued a hacking, this thread is more about system recovery.

thanks nemisys, my point exactly.......

Originally posted by augustwest
this is totally legit, im doing it at work with my boss helping me. we have to get this thing done.

ah sorry, my mistake. didn't know it was something your boss was asking you to do... :-/

no problem, i see where your coming from :)

Go search for LC4. Its great. It will crack every pass on the box in under 20 days.

Originally posted by Syphere
Go search for LC4. Its great. It will crack every pass on the box in under 20 days.

that's why having fast computers sucks for encryption... it takes less time to "guess" a password by a computer randomly guessing values and such so they have to be more careful with security... oh well... it's the way of the world :) i am just glad that i am not getting into computer security :) that would drive me up the wall in the future, i just know it

I agree with Nemisys, the easiest way to recover a locked out box is the linux boot disk. The documentation is really good on that site as well.

I had to use that very link and disk when I changed our domian on a w2K adv server network. The machine horked the old admin password, didn't have the new one yet because it couldn't log on to the non-existent network, and I had to crack it.

Like they say, "If you don't have physical security, you don't have security."

Wedo

the problem was the linux boot disk wasnt working with the scsi array. i finally hacked in by copying cmd.exe in place of login.scr since the login screensaver is run with admim privilages. then i just waited at the login prompt for the screensaver time out then the cmd was launched instead of the screensaver. launched the user manager and changed the admin password. pretty slick :D im pretty sure this was fixed in 2000, but not in nt service pack 5 :D

now that's using your brain :) haha

just for future reference, how do you run the user manager from the command prompt? do you just run the control panel item?

well id say the running the control panel would work but the user manager is usrmgr in 2000 and its musrmgr or nusrmgr in nt. i think, its got a weird suffix i know that.