locked
password storage RRS feed

  • Question

  • i have a client with a windows home server machine he hasn't used in a while and forgot the password.  i told him not a problem, put the ophcrack disc in to get the hash, and it kept saying system fie not found.  what kind of hash is it and how do i get it out to crack it?  
    Tuesday, January 14, 2014 1:35 AM

Answers

  • There is no (easy/well known) way to decipher a password stored in Windows.

    On the other side, there are enough tools available, which allow you to reset the password for an account like Administrator with physical access, like MS DART or some linux based media.

    There would be even a way without 3rd party tools. (However I am not sure, if this is also working on a Windows Server system, since his depends from the availability of a certain file.)

    Best greetings from Germany
    Olaf
    Thursday, January 16, 2014 2:24 PM
    Moderator
  • I don't think that the Microsoft forums are the right place to debate/recommend potential password cracking technologies (since there is no guarantee the password you are talking about is really yours/your clients). Also you got some ways listed, how to reset the password, which should be no problem unless your client used EFS encryption on the server, which is an unsupported scenario anyway.

    Best greetings from Germany
    Olaf


    Friday, January 17, 2014 9:10 AM
    Moderator
  • i have a client with a windows home server machine he hasn't used in a while and forgot the password.  i told him not a problem, put the ophcrack disc in to get the hash, and it kept saying system fie not found.  what kind of hash is it and how do i get it out to crack it?  
    Olaf's point above is that 0phcrack isn't a Microsoft tool, and it's a tool for cracking passwords on Microsoft operating systems, so it's unlikely that you'll get any help here (an official Microsoft forum) in how to use it to crack passwords or what a specific error message might mean. Your best bet is going to be to ask for help on a forum where people who use 0phcrack hang out.

    I'm not on the WHS team, I just post a lot. :)

    Sunday, January 19, 2014 2:02 AM
    Moderator

All replies

  • There is no (easy/well known) way to decipher a password stored in Windows.

    On the other side, there are enough tools available, which allow you to reset the password for an account like Administrator with physical access, like MS DART or some linux based media.

    There would be even a way without 3rd party tools. (However I am not sure, if this is also working on a Windows Server system, since his depends from the availability of a certain file.)

    Best greetings from Germany
    Olaf
    Thursday, January 16, 2014 2:24 PM
    Moderator
  • i always use ophcrack for that.  it's pretty easy, except that when i do the scan, it says system file not found.  i need to know where windows home server keeps the password.  it also may be a different kind of hash, if it were not recognized, then that would explain the error.
    Friday, January 17, 2014 2:42 AM
  • I don't think that the Microsoft forums are the right place to debate/recommend potential password cracking technologies (since there is no guarantee the password you are talking about is really yours/your clients). Also you got some ways listed, how to reset the password, which should be no problem unless your client used EFS encryption on the server, which is an unsupported scenario anyway.

    Best greetings from Germany
    Olaf


    Friday, January 17, 2014 9:10 AM
    Moderator
  • i am not asking for another way to crack it, there are at least 3 more that i can think of, all of which take a little more time.  i am just asking if the password is stored in the normal place for microsoft, i have never in over 30 years worked on windows home server as an os.  this is the first one i have seen, hence the cracking effort instead of just wiping the hard drive, i want to play with it.  thanx for the tip, i did not know that would work on a server os, i will give it a try. 
    Friday, January 17, 2014 1:31 PM
  • Windows Home Server v. 1 is basically Windows Server 2003 R2, core unchanged with some wrap around.

    Resetting the Administrator password with any of the described would gain you the same access as knowing the original password.

    Best greetings from Germany
    Olaf

    Friday, January 17, 2014 2:01 PM
    Moderator
  • i have a client with a windows home server machine he hasn't used in a while and forgot the password.  i told him not a problem, put the ophcrack disc in to get the hash, and it kept saying system fie not found.  what kind of hash is it and how do i get it out to crack it?  
    Olaf's point above is that 0phcrack isn't a Microsoft tool, and it's a tool for cracking passwords on Microsoft operating systems, so it's unlikely that you'll get any help here (an official Microsoft forum) in how to use it to crack passwords or what a specific error message might mean. Your best bet is going to be to ask for help on a forum where people who use 0phcrack hang out.

    I'm not on the WHS team, I just post a lot. :)

    Sunday, January 19, 2014 2:02 AM
    Moderator
  • i understand the point and agree with you  and olaf 100%.  i would be naive at best to go to an official ms website and ask someone to help me crack a password, especially on a server.  if i were truly a sys admin for a network, i would have learned that by now.  well, i actually did, and am even pretty good at it.  the reason i am asking for assistance here is it is an operating system i have zero experience on.  it was very obscure and not well known in the first iteration and from what i hear, the second did away with the only really useful feature.  i am not asking how to crack it, just what type of hash it is.  that should be common knowledge or at the least readily available.  i am actually copping out a little and being lazy by asking for help instead of researching.  i just have entirely too much to do right now with real, paying work to screw with this side project merely for my enjoyment.  by all rights i should just wipe it and be done rather than try to login and look around.  now that i know it is just server 2003 with some fluff, i think i might.  but then that would be a little like quitting, now wouldn't it?  anyway, thanx for the help guys.  have a great weekend.

    olaf, vo vonst du?  ich bin amerikanner soldat, ich vonne im der johnson kaserne, im furth.  tschoos.  (at least i did back in '89-'92.  meine deutsch ist nicht so gut.


    • Edited by sfzombie13 Sunday, January 19, 2014 3:35 AM add a question to olaf
    Sunday, January 19, 2014 3:33 AM
  • olaf, vo vonst du?  ich bin amerikanner soldat, ich vonne im der johnson kaserne, im furth.  tschoos.  (at least i did back in '89-'92.  meine deutsch ist nicht so gut.


    Thats strong off topic here, but be it. North East Germany, near Schwerin. So you have been served in the time I lost my (East German) army, in which I served as officer.

    Best greetings from Germany
    Olaf

    Monday, January 20, 2014 7:20 AM
    Moderator