Unconfigured Ad Widget

**M1Kev** · 06-17-2012, 11:47 AM

If it is windows you can try Hirems boot utility. I used it to get in my dad's PC after he passed. Download online

**choprzrul** · 06-17-2012, 12:09 PM

Here is what I always use on customer computers.

Probably not a novice tool, but it always works for me.

That being said, if whole disk encryption was used, there is nearly zero paths to recovery. If you boot the computer and see a standard username/password challenge, shut down normally and then boot to the above cd. In some instances, you can do the ctrl + alt + del 3 finger salute 3 or 4 times really quickly to get a domain type of password challenge screen. Change the default username that is autofilled with 'administrator' and leave the password field blank. If the default administrator account was never set up with a password, this can be a quick backdoor entry into a computer. Once into the administrator account, you can go into mmc and set a user's password.

If this computer is part of a domain, and you can access the domain controller, just change the user's password and proceed as normal.

Hope this helps.

.

**ojisan** · 06-17-2012, 12:26 PM

^ AWESOME!
Yes, I'm also searching the net for info, too.
This one seems best so far.

bg · 06-17-2012, 12:30 PM

Ophacrack

http://pcsupport.about.com/od/toolsofthetrade/gr/ophcrack.htm

**bigmike82** · 06-17-2012, 8:53 PM

Before you try anything, back up the hard drive to another hard drive. If his folders are encrypted with Bitlocker, resetting his password will make his files very, very, very difficult if not impossible to recover.

If you're having difficulties, bring it by my office in Chatsworth...ntpasswd should do the trick for you though. It's always worked for me.

**JDay** · 06-18-2012, 7:51 AM

I'm surprised that he would be the only one in the business with access to this information. But before you can do anything we need to know what version of Windows is on the machine.

If the data is not encrypted you can just stick the drive into another computer and copy everything off of it (likely what you're looking for is in a spreadsheet). There are also ways to reset the Windows password, however if he encrypted any folders resetting the password will make that stuff unrecoverable.

Originally posted by choprzrul

[B][U]Change the default username that is autofilled with 'administrator' and leave the password field blank. If the default administrator account was never set up with a password, this can be a quick backdoor entry into a computer.

That only works with XP.

**stix213** · 06-18-2012, 4:51 PM

Originally posted by bigmike82

Before you try anything, back up the hard drive to another hard drive. If his folders are encrypted with Bitlocker, resetting his password will make his files very, very, very difficult if not impossible to recover.

If you're having difficulties, bring it by my office in Chatsworth...ntpasswd should do the trick for you though. It's always worked for me.

ntpasswd has always worked for me as well, but I haven't tried it on anything newer than XP.

**Nose Nuggets** · 06-18-2012, 5:03 PM

if none of the password breakers do it, just pull the hard drive out and put it in an enclosure. Plug it into your computer and grab what you need.

**Montu** · 06-18-2012, 5:09 PM

I would like to add to Nose Nuggets suggestion..you can also boot up to a Linux flash drive and copy the files onto another drive.

Download Ubuntu Desktop | Ubuntu

http://www.ubuntu.com/download/desktop

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

Create a bootable USB stick with Rufus on Windows | Ubuntu

http://www.ubuntu.com/download/help/create-a-usb-stick-on-windows

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

*if the drive is not encrypted

Nt password should work though

**Corbin Dallas** · 06-18-2012, 6:21 PM

Originally posted by ojisan

My BIL passed unexpectedly last week.
He had a stock brokerage business.
His business has been passed to his father, who is not tech-savy or prepared for this.

Of course, the business info and accounts are all on computer.
Nobody can get into the computers without the passwords.
No list of passwords or clues have been found.
Clients and their attorneys are already calling.

Does anybody know of a service who can gain access to the data or how to get past the passwords?
Any CalGunners who can "break into" the computers? (one laptop, one desktop so far.)
Of course, part two of this might be that the data is encrypted for security.

Location is San Diego.

Advice, help or suggestions, please!

Thank you!

PM sent

**redcliff** · 06-19-2012, 12:21 PM

Really sorry to hear about your brother-in-law ojisan. I hope you're able to help out the family in their time of need.

**Coded-Dude** · 06-19-2012, 12:25 PM

Originally posted by JDay

I'm surprised that he would be the only one in the business with access to this information. But before you can do anything we need to know what version of Windows is on the machine.

If the data is not encrypted you can just stick the drive into another computer and copy everything off of it (likely what you're looking for is in a spreadsheet). There are also ways to reset the Windows password, however if he encrypted any folders resetting the password will make that stuff unrecoverable.

That only works with XP.

Originally posted by Nose Nuggets

if none of the password breakers do it, just pull the hard drive out and put it in an enclosure. Plug it into your computer and grab what you need.

you guys are old school.....I use Parted Magic. Download the ISO, burn it to CD(or USB), boot the CD/USB(it runs in memory) and copy every thing off the drive without even opening the case(you will of course need to plug in an external drive to coy the data to). Removing the drive can cause more problems than they are worth IMHO.

Page Not Found - Parted Magic LLC

http://partedmagic.com/doku.php

**the86d** · 06-19-2012, 1:10 PM

Originally posted by Coded-Dude

you guys are old school.....I use Parted Magic. Download the ISO, burn it to CD(or USB), boot the CD/USB(it runs in memory) and copy every thing off the drive without even opening the case(you will of course need to plug in an external drive to coy the data to). Removing the drive can cause more problems than they are worth IMHO.

http://partedmagic.com/doku.php

I have done the same with some Knoppix distros, only dropped them off on a network share (if GIG Ethernet, hell even 100MBps is pretty fast if it is not a bunch of data).

But... taking the drive out and plugging it in direct yields full data speeds.

**dem0critus** · 06-21-2012, 4:33 PM

pm sent

Unconfigured Ad Widget

How to find or bypass passwords

How to find or bypass passwords

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Calguns.net Statistics

What's Going On