crack windows passwords

There’s a way to crack the password and it doesn’t involve reformatting and reinstalling Windows. The solution is called @stake LC4 (formerly L0phtCrack), however since Symantec stopped development of L0phtcrack, I’m going to let you in on a program called LC5. Just like L0phtCrack, LC5 attacks your Windows machine with a combination of dictionary and brute force attacks. LC5 can crack almost all common passwords in seconds. More advanced passwords with numbers and characters takes longer. The main purpose of the LCP program is user account passwords auditing and recovery in Windows NT/2000/XP. I haven’t tested it against Windows Vista yet, so I’m not sure if it will work. Your mileage may very either way. How it works: Windows NT, 2000 and XP passwords are stored as encrypted hashes. LC5 attacks these hashes with hundreds of passwords per minute. Eventually the correct password will be sent and then displayed to the screen. Good intentions:

• can find weak passwords within minutes. Sys admins can then change the passwords to make them more secure.
• LC5 can be used to accesscomputers of users who forget passwords.
• In companies, it can be used to access computers of employees who have left the company.

Bad intentions:

• Hackers can use LC5 to sniff passwords over networks.
• Hackers can install this application onto a primary domaincontroller and steal hundreds of passwords within minutes.

Please note that I am not the author of this software. Be advised that if you use this software, you do so at your own risk without any warranty expresses or implied by tricky world
Download LC5 (v5.04): English version (with installer) - 2.29 MB
English version (without installer, ZIP) - 1.86 MB
English version (without installer, RAR) – 1.66 MB Software License: LCP is a freeware program. The program may be distributed under condition of saving all files contents and structure of installation package.

Access Data of a Password Protected User in Windows XP in Case the PC Fails to Boot

You may come across a situation in which your windows XP PC fails to reboot, and the most accepted solution to that problem is to re-format the Hard Disk. Before formatting, you should backup your files. If your computer is password protected, you won’t be able to access them from outside, so here is a method for getting around this.

Steps
Boot the machine from Windows XP bootable CD.
At the setup screen, select R to repair using Recovery Console.
Now the console program will prompt you to select the Windows folder (eg. C:\WINDOWS) where the Windows is installed (you need to enter a number from the list of folders shown to you).
Type ‘HELP’ (without single quotes) and press enter for available commands. This is like a DOS program, but some features are not available.
Change the current directory to the user’s directory where you want to backup.
Type ‘CD “C:\Documents and Settings\X”‘ (without single quotes) and press enter. Where X is the username.
Now the current directory will change to “C:\Documents and Settings\X”.
Now change the directory to Desktop by entering ‘CD Desktop’ (without single quotes) and press enter to go to the desktop folder.
Type ‘DIR’ (Without single quotes) and press enter, you will be listed all the available files in Desktop.
Type ‘COPY a.doc D:\BACKUP’ (without quotes) and press enter, where a.doc is a file available in Desktop and the folder D:\BACKUP available to copy the files.
As in step 7,8,9,10 you can backup other folders like “My Documents”, “My Music”, etc.
Note that you cannot use wildcards for COPY. I.e, you cannot copy all the files in a folder at once. You must copy one file by one.

Tips
Before doing this, try changing the password to blank so that you can access the data from another machine to easily drag and drop to copy your data.

Warnings
Any data not backed up will be permanently deleted when you re-format the hard drive, so make sure you back up any thing you want to keep.

Things You’ll Need
A bootable Windows XP CD

Hack Into a Windows XP Computer Without Changing Password

Another method to login to a password protected Windows even if you do not have the password is by making Windows accepting any passwords.
There is a far better way to get into Windows XP. It is easy and it does not reset the password. Hack into a computer running Windows XP without changing the password and find out all and any passwords on the machine (including admin accounts). You do not need access to any accounts to do this. Of course, do not do this on anyone elses computer without proper authorisation.

Steps to Hack into a Windows XP Computer without changing password:

1. Get physical access to the machine. Remember that it must have a CD or DVD drive.
2. Download DreamPackPL HERE.
3. Unzip the downloaded dreampackpl_iso.zip and you’ll get dreampackpl.ISO.
4. Use any burning program that can burn ISO images.
5. After you have the disk, boot from the CD or DVD drive. You will see Windows 2000 Setup and it will load some files.
6. Press “R” to install DreamPackPL.
7. Press “C” to install DreamPackPL by using the recovery console.
8. Select the Windows installation that is currently on the computer (Normally is “1″ if you only have one Windows installed)
9. Backup your original sfcfiles.dll by typing:
“ren C:\Windows\System32\sfcfiles.dll sfcfiles.lld” (without quotes)
10. Copy the hacked file from CD to system32 folder. Type:
“copy D:\i386\pinball.ex_ C:\Windows\System32\sfcfiles.dll” (without quotes and assuming your CD drive is D:)
11. Type “exit”, take out disk and reboot.
12. In the password field, type “dreamon” (without quotes) and DreamPack menu will appear.
13. Click the top graphic on the DreamPack menu and you will get a menu popup.

14. Go to commands and enable the options and enable the god command.

15. Type “god” in the password field to get in Windows. You can also go to Passwords and select “Logon with wrong password and hash”. This option allows you to login with ANY password. Note: I was unable to bring up the DreamPackPL for the first time because I have Kaspersky Anti-Virus already running in background. I believe most antivirus already labelled this tool as a Hack-Tool. A Hack-Tool is NOT a virus. DreamPackPL helps you bypass the Windows Login screen and it is not destructive

Haking "admin" from "user" mode n more

really that is possible !

u know why is it a “user” account because it lacks come service layer than that in “administrator” account

Using simple command line tools on a machine running Windows XP we will obtain system level privileges, and run the entire explorer process (Desktop), and all processes that run from it have system privileges. The system run level is higher than administrator, and has full control of the operating system and it’s kernel. On many machines this can be exploited even with the guest account. At the time I’m publishing this, I have been unable to find any other mention of people running an entire desktop as system, although I have seen some articles regarding the SYSTEM command prompt.

Local privilege escalation is useful on any system that a hacker may compromise; the system account allows for several other things that aren’t normally possible (like resetting the administrator password).

The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager

Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in a error message. The following quote from Wikipedia explains this in a easy to understand way:

You can trick the system into running a program, script, or batch file with system level privileges.

One sample

One trick is to use a vulnerability in Windows long filename support.
Try placing an executable named Program.*, in the root directory of the “Windows” drive. Then reboot. The system may run the Program.*, with system level privileges. So long as one of the applications in the “Program Files” directory is a startup app. The call to “Program Files”, will be intercepted by Program.*.

Microsoft eventually caught on to that trick. Now days, more and more, of the startup applications are being coded to use limited privileges.

Quote:

In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System, only the operating system itself has this ability, but by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.
Getting SYSTEM
I will now walk you through the process of obtaining SYSTEM privileges.
To start, lets open up a command prompt (Start > Run > cmd > [ENTER]).
At the prompt, enter the following command, then press [ENTER]:

Code:

at

If it responds with an “access denied” error, then we are out of luck, and you’ll have to try another method of privilege escalation; if it responds with “There are no entries in the list” (or sometimes with multiple entries already in the list) then we are good. Access to the at command varies, on some installations of Windows, even the Guest account can access it, on others it’s limited to Administrator accounts. If you can use the at command, enter the following commands, then press [ENTER]:

Code:

at 15:25 /interactive “cmd.exe”

Lets break down the preceding code. The “at” told the machine to run the at command, everything after that are the operators for the command, the important thing here, is to change the time (24 hour format) to one minute after the time currently set on your computers clock, for example: If your computer’s clock says it’s 4:30pm, convert this to 24 hour format (16:30) then use 16:31 as the time in the command. If you issue the at command again with no operators, then you should see something similar to this:

When the system clock reaches the time you set, then a new command prompt will magically run. The difference is that this one is running with system privileges (because it was started by the task scheduler service, which runs under the Local System account). It should look like this:

You’ll notice that the title bar has changed from cmd.exe to svchost.exe (which is short for Service Host). Now that we have our system command prompt, you may close the old one. Run Task Manager by either pressing CTRL+ALT+DELETE or typing taskmgr at the command prompt. In task manager, go to the processes tab, and kill explorer.exe; your desktop and all open folders should disappear, but the system command prompt should still be there.
At the system command prompt, enter in the following:

Code:

explorer.exe

A desktop will come back up, but what this? It isn’t your desktop. Go to the start menu and look at the user name, it should say “SYSTEM”. Also open up task manager again, and you’ll notice that explorer.exe is now running as SYSTEM. The easiest way to get back into your own desktop, is to log out and then log back in. The following 2 screenshots show my results (click to zoom):

System user name on start menu

explorer.exe running under SYSTEM

What to do now
Now that we have SYSTEM access, everything that we run from our explorer process will have it too, browsers, games, etc. You also have the ability to reset the administrators password, and kill other processes owned by SYSTEM. You can do anything on the machine, the equivalent of root; You are now God of the Windows machine. I’ll leave the rest up to your imagination.

ADMINISTRATOR IN WELCOME SCREEN.

When you install Windows XP an Administrator Account is created (you are asked to supply an administrator password), but the “Welcome Screen” does not give you the option to log on as Administrator unless you boot up in Safe Mode.
First you must ensure that the Administrator Account is enabled:
1 open Control Panel
2 open Administrative Tools
3 open Local Security Policy
4 expand Local Policies
5 click on Security Options
6 ensure that Accounts: Administrator account status is enabled Then follow the instructions from the “Win2000 Logon Screen Tweak” ie.
1 open Control Panel
2 open User Accounts
3 click Change the way users log on or log off
4 untick Use the Welcome Screen
5 click Apply Options
You will now be able to log on to Windows XP as Administrator in Normal Mode.

EASY WAY TO ADD THE ADMINISTRATOR USER TO THE WELCOME SCREEN.!!

Start the Registry Editor Go to:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList \
Right-click an empty space in the right pane and select New > DWORD Value Name the new value Administrator. Double-click this new value, and enter 1 as it’s Value data. Close the registry editor and restart.