[Gllug] Windows XP 64 bit password reset from Ubuntu - where is
general_email at technicalbloke.com
general_email at technicalbloke.com
Tue Nov 10 09:22:08 UTC 2009
Chris Bell wrote:
> On Tue 10 Nov, general_email at technicalbloke.com wrote:
>
>
>
>> Yes blanking can be much faster BUT there is one important caveat. If
>> the user in question has windows encrypted files/folders you will quite
>> likely lose access to them forever by changing their password. Orpcrack,
>> while slower and non determinate won't give you that problem. If you're
>> in any doubt, image the drive before wiping the password.
>>
>> Also, re: BIOS, as somebody said earlier ocassionally leaving the
>> battery disconnected for a while will do this. If not then you need to
>> replace the BIOS chip itself. There's a bunch of places that do this and
>> it's remarkably cheap. Tell them to have a look at:
>> http://bios-repair.co.uk/
>>
>> Roger.
>>
>>
>
> How obvious would it be that it is an encrypted filesystem? Would the
> offline NT PW editor still be able to find the files to work on?
>
>
I think so. I don't believe Windows encryption (pre-bitlocker) ever
actually encrypts the whole volume, only individual files and folders.
When viewed in Windows Explorer encrypted objects are commonly
highlighted in green text (as compressed ones are blue). I don't know
for certain that this highlighting will carry over if you simply plug
the drive into another Windows box, I'd imagine it would but that is a
guess.
I have to say though, I've only once encountered this in the wild in 6
years. Most people don't know it's there and so they never use it. If
the contents of the drive are critical I'd speak to the owner (or
administrator) of the drive (if possible) and ask them if they ever
encrypted any files or folders - they should know, it's not something
you could really do accidentally.
Cheers,
Roger.
PS: Some bioses can be reset by bridging a pair of contacts on the mobo
too. Tell you friend to google around, there's loads of info on it.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list