Our son's 2nd BIrTHdAY

Lilypie 2nd Birthday Ticker

Tuesday, November 27, 2007

Lesson on Linux

To become a successful security personnel one needs to have a couple of very important skills. One of it is to have excellent command on several operating systems. Among them has to be from Windows and *nix. There are many variants of Unix and among the famous is Red Hat Linux. I've figured out away to learn Linux. Every time i learn a new command, i'll post it in this section of my blog. Here goes:

1. tar -zxvf file_tar.gz - for folder with .tar.gz

2. tar -xvf file_tar.gz - for folder with .tar only (remove the z option)

3. rpm -ivh file-1.0-2.i386.rpm - install a RPM package

4. rpm -e file - uninstall RPM package (use the package name only...without -1.0-2.i386.rpm)

5. rpm -Uvh file-1.0-2.i386.rpm - upgrade a rpm package (usually use this one for normal install as it replaces any previously installed package)

Monday, November 26, 2007

Offline NT Password & Registry Editor

Forgot your computer's admin password?

Disclaimer - Accessing/reseting a computers password without the owner's permission is completely wrong/illegal. Use this software at your own risk and for educational purpose only!! I can't be held responsible for any damage caused!

My sister recently (last week) forgot her computer's password! OH NO! There was only 2 users in the machine both with admin capabilities. She can't remember the username and password for the machine. This is due to the fact that she has not used the computer for some time. She didn't know what to do and as usual turned to me for help. I told her:

Not to worry...computerman is here!

Haha. Just kidding. I actually came across this tool; Offline NT Password & Registry Editor and wanted to put it to test. This tool comes handy in a situation like the one my sister is in. This tool does not reveal existing password but allow among other to clear the login password that is stored in the registry of the computer. The tool uses Linux bootsystem as the basis. The concept is a computer with windows stores it's login password inside NT/System32/sam. 'Sam' is the file that contains the password info.

All you need to do is burn the iso image (floopy boot disk is available but advisable to use cd), set your computer to boot from cd, and just press enter most of the time. I was able to clear the password within 10 minutes in my sister's pc (win2k). This software works with win NT, 2k, XP and even Vista. wowvy! Towards the end of the boot process, the tool reveals the username/s in the computer and gives you option to either clear, change or promote a user from regular group to admin group. Ain't that great. I eventually cleared the password for one of the user and when i reboot the system (normal boot), i entered the username and abracadabra....the os requested the password to be changed due to expiry. I entered a new password and was able to login as usual. Basicly, this is what you need to do:

  1. Get the machine to boot from CD (or floppy)
  2. Floppy version need to swap floppy to load drivers.
  3. Load drivers (usually automatic, but possible to run manual select)
  4. Disk select, tell which disk contains the Windows system. Optionally you will have to load drivers.
  5. PATH select, where on the disk is the system?
  6. File select, which parts of registry to load, based on what you want to do.
  7. Password reset or other registry edit.
  8. Write back to disk (you will be asked)

Thank you to Mr Petter Nordahl-Hagen for this wonderful tool. I will be testing it on win xp soon. For those interested, click here