XP Password Recovery (Not Reset)

[Tesla]

Hi all,

Could anybody recommend a tool able to recover XP local account passwords?

I have a customer who is convinced she is entering the correct password but I am less so.

I'm familiar with the procedure to reset the account password with various bootable tools but cannot recall if any of them have the option to display the current password instead or as well as resetting it.

Thanks in advance.

 

[PCSComputerGuy]

Ophcrack should display the password I believe

 

[bertie40]

0phcrack is pretty good, but it can be limited as the free version has a limited set of rainbow tables.

So it depends on how lengthy the password is.

 

[Markverhyden]

Hi all,

Could anybody recommend a tool able to recover XP local account passwords?

I have a customer who is convinced she is entering the correct password but I am less so.

I'm familiar with the procedure to reset the account password with various bootable tools but cannot recall if any of them have the option to display the current password instead or as well as resetting it.

Thanks in advance.

Why don't you want to just reset password? Unless this is on a domain it should not effect anything. Second thought, if they have XP Pro and are using EFS that would be a problem.

Also, just to ask, have you looked at KB issues. Such as laptops which may have num lock on.

 

[Larry Sabo]

After accessing the Administrator account or using KonBoot, you might try SIW (Software, Passwords section) or Nirsoft's Protected Storage View to see what passwords they have used for various purposes. Quite often it's one of those. I'd try Ophcrack first.

 

[Tesla]

Thanks for the suggestions chaps.

Will report back with what works.

 

[Tesla]

SAMInside did the trick. Although, displayed the passwords in CAPS when infact it was all lowercase.

I wanted to recover the password to prove to the customer that it hadn't "changed itself".

 

[nlinecomputers]

SAMInside did the trick. Although, displayed the passwords in CAPS when infact it was all lowercase.

I wanted to recover the password to prove to the customer that it hadn't "changed itself".

How is that going to prove anything? If the client is entering the wrong password showing him/her the correct one will either get continued denial(My password has ALWAYS been RedDog not BigDog.) and/or embarrass the end user when confronted with the fact that they did indeed forget it. Seems like it would be better to do a bit of a white lie and just say the password was corrupted and change it. Not to mention the time wasted for this exercise.

 

[nlinecomputers]

It's wasting time when the client is waiting on you to fix the problem. Which is faster? A password reset or a password recovery? Learning things is fine but not on the clients dollar. Especially when all he seemed to want to be doing is prove his point instead of solving the problem. Maybe that isnt the case but that is the read I took from him.

 

[nlinecomputers]

No the client situation is not usual at all. Lost passwords are a common problem. The OP desire to find the original password rather then simply blank the existing unknown password and get the client online is what is unusual and I suspect undesired by the end user. You want to learn how to crack passwords, great, good skill to have but keeping a client waiting when a different faster and known solution isn't doing the end user a good service.

 

[Tesla]

Hi guys,

It took around 5 minutes to brute force the password plus my customer wasn't using the computer at all that morning. Absolutely no inconvenience at all.

My customers preference was to find out the password as they were convinced it had changed.

Thanks.