Curious About WIN NT Security

**allentrace** · October 26, 2004, 13:42

Originally posted by AZNZhao

I often have heard that WIN NT is the most secure of all the Windows OS's. How easy and how to hack an admin password assuming physical assess to the machine and assuming the user has a regular account? If it is possible, does this prove Window's inherent "insecurity"?

This is wrong and incoherant on so many levels. This post coupled with your previous efforts may result in highly derogatory remarks towards yourself.

*Edit* My bad man, I read your post as how to hack an administrative account on NT.

**skroo** · October 26, 2004, 13:42

Originally posted by AZNZhao

I often have heard that WIN NT is the most secure of all the Windows OS's. How easy and how to hack an admin password assuming physical assess to the machine and assuming the user has a regular account? If it is possible, does this prove Window's inherent "insecurity"?

If an attacker has physical access, the machine is not secure. More so if it has drives that can accept, mount, and read (including booting from) removable media. No user account is required in these cases to obtain or alter an administrator's password.

As for this proving anything, it doesn't. The same basic approach also works for other OSes and platforms in similar circumstances.

**astcell** · October 26, 2004, 18:57

An NT box with no NIC will make the Orange Book. I do not think that has been said about W2K yet.

**ndex** · October 26, 2004, 18:57

Originally posted by AZNZhao

I often have heard that WIN NT is the most secure of all the Windows OS's. How easy and how to hack an admin password assuming physical assess to the machine and assuming the user has a regular account? If it is possible, does this prove Window's inherent "insecurity"?

I have often heard that crack is safe and non-addictive...

mmmm crack, yummy crack

**Gadsden** · October 27, 2004, 07:28

Originally posted by AZNZhao

I often have heard that WIN NT is the most secure of all the Windows OS's. How easy and how to hack an admin password assuming physical assess to the machine and assuming the user has a regular account? If it is possible, does this prove Window's inherent "insecurity"?

Heh.. do you work for Microsoft marketing dept?

Nope.. it is FAR from secure.. it makes some of the newer MS products look good. If you are wanting something more secure, I would suggest openBSD or something of the like.

"Hacking Windows Exposed" has lots of stuff on what you want, as well as a google search.

**highwizard** · October 27, 2004, 10:13

As skroo said, if you have physical access to the box is not secure.

With that being said, a system is only as good as the Admin behind it. You can have an excellent Admin running a WinNT system and a horrible admin running a UNIX based system. In that scenario that WinNT sys is better off.

But I'll stop there since your motives have been already been identified.

**Phreakre** · October 28, 2004, 20:23

If you have access and don't have a liveCD/USB, you could always pull the drive out of the box.. mount.. pwdump.. feed it to your favorite cracker..

..but given your other post that wizard pointed out, that might not be an option in this case.

**Tambourine Man** · October 29, 2004, 18:46

Zhao, as a fellow student at your school I understand your plight and i can bear witness to the oppression that you go through, but you're doing this all wrong. Since this isn't exactly a legal thing to be doing, you shouldn't be requesting help from members of forums. Also, as if the fact that you're posting for help isn't bad enough, your grammar is attrocious. If you want to do this you'll have to find a better method of getting the info that you need.

**cjet** · November 2, 2004, 19:24

Originally posted by AZNZhao

I often have heard that WIN NT is the most secure of all the Windows OS's. How easy and how to hack an admin password assuming physical assess to the machine and assuming the user has a regular account? If it is possible, does this prove Window's inherent "insecurity"?

If You have access to the machine - is simple - you can take SAM file and crack it by using lopthrack (c:\winnt\system32\config\SAM). Usually U can not take it- because windows is using this file so U have 2 use linux or dos with ntfs to copy that file- to protect use long passwords with special marks like 1am31337#g0d@ something like this :). You can use loger too to take some information . Remote atack is much harder if the system is prepared.

Better way - use OpenBSD OR FreeBSD or Linux - if U love windows try windows 2003 with all patches . If you have it at school - protect files by taking it with you.

**astcell** · November 2, 2004, 20:54

I ran l0phtcrack on an 8 character NT password of random characters. The box had a gig of ram and dual PIII 550MHz Xeon chips. 5 days later it was no closer than when it had started. Of course this proves the need to secure the box. You can't run the program if you cannot log in or get network access to the needed files.

**Gadsden** · November 3, 2004, 09:44

If I'm not mistaken, you can use syskey to convert the crypto to 128 bit and help prevent cracking of the sam file..

**cjet** · February 28, 2005, 08:05

Originally posted by astcell

I ran l0phtcrack on an 8 character NT password of random characters. The box had a gig of ram and dual PIII 550MHz Xeon chips. 5 days later it was no closer than when it had started. Of course this proves the need to secure the box. You can't run the program if you cannot log in or get network access to the needed files.

I am Using LC4 and it is doing Well ! :-) - usually I am using knopix to get a file if I have access to the machine - and later I am cracking it at home on my machine. Usually I use custom options.

Curious About WIN NT Security

Curious About WIN NT Security

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment