Nightmare situation - Please Help

Conanius

Conanius

Conanius

Soldato
Joined
18 Oct 2002
Posts
12,933
Unfortunately my dad passed away on Monday. I've been trying to help the family sort everything out, but dad was a sod for password protecting everything.

I've got his laptop and I'm trying to get into his user account (Windows 7 Home Premium), and then a word document which he has passworded (office 2007).

There is a 2nd user account on the laptop which only has guest priviledges, and User Account Control is turned on.

Someone at work suggested I try using software like Backtrack to get into his user account, but I've never used anything like this before so I'm totally lost. I'm about to try and make a bootable USB image of Backtrack to give it a go.

If anyone has any suggestions I'd really appreciate whatever help you can give.
 
Rich,

Thanks for that, I've got the live CD running now.

It shows an account I hadn't seen (Administrator) saying that the account doesn't have a password.

I know in the days of old on XP this used to be a backdoor into systems poorly set up on initial install (If you didn't put a password in for admin when installing the system you could reboot in safe mode and 'find' this Admin account as an account choice).

I tried doing the same on the offchance with this laptop but it didnt appear. I guess if I could get this account to work I could use the user account section to reset the password for Dads account?

edit - Forgot to add, I'm not hugely hopeful of this working having read the ophcrack site. I'm close to certain that dad was using a work password which is 9 lower case randomly generated characters using the format...

CVCCVCCVC

Where C = Consonants and V = vowel.

Whilst this means you can get words like WONDERFUL which match that criteria, its usually nonsense. It looks like the rainbow table for that combination, assuming he hasnt chucked a number on the end if 53gb.
 
Last edited:
Right, Vista free table just finished checking with no joy. I dont mind not knowing the password and just using some way to reset the password
 
Boot to command prompt and:

Net user administrator /active:yes

According to MS Answers, at least...

Oh, you might want to also:

Net user administrator password

...where "password" is your password of choice, rather than the iffy no password option.
 
have you tried pressing CTRL ALT DEL twice at the login window to get the classic login window back?, from there you should be able to try and login using the blank admin account?
 
theres an old programe my prof at uni told me about called saminside,said it was good for hacking which went on to be a password recovery program, see if that helps if this doesnt.
 
Hi Guys,

Thanks for the replies. I managed to find a tool recommended to me in the backtrack IRC chat room that just removed the password for the account. Job done and just trying to get through the password for the list of passwords document !
 
Right.

Turns out the file isnt Office 2007, and instead is Openoffice.

I did try one password recovery tool (Intelore?) but after 4 hours it gave up saying it couldnt work it out.

Based on my previous windows 7 login password recovery, I found that removing the password is a lot faster and easier ! any chance by fluke someone can recommend a tool to do this?
 
SoundsGood said:
GPU brute force shouldn't take too long if it's a simple-ish password (<8 chars, letters numbers)
Click to expand...

Managed to get access to a rather special piece of kit which did it today. Shame was the file didnt have one of the key passwords we were looking for (MS Money 2000 'Online') so now back to the drawing board. It looks like tools exist to instantly show you the password for those, but they are pay for ones. Might have to bite the bullet to get it !

Either way, its shown me how much of a niche there is for a decent setup to help people when they lose a loved one and need a way to get into all their files !
 
Mmm... Do you have the hashes? I have a pretty extensive rainbow table and wordlist library. Either that or export the registry keys to me, I have a good few recovery tools for application keys/passwords. If this is simply a file locked with MicroCrap protection, it wouldn't take long to break.

Email in trust, offer is there.

Rob

P.s. Apologies for your loss.. I'm dealing with cemeteries on a daily basis for work I'm currently doing, hopefully you didn't pay an arm and a leg for the grave etc... recently learned how expensive they work out.
 
Last edited:
All the files we need to get into are now sorted thanks. I found a shareware MS Money password cracker that gave me the first 3 characters, and I then just read through his note book looking for a clue. Sorted.

Regarding the abuse, do you have any idea how much paperwork there is when someone passes away, and how impossible it is to get it?
 
You must log in or register to reply here.
Back
Top Bottom