Anthony H.
asked on
windows 2008 password reset
will this work if cryptolocker was used to encrypt drive partitions?
http://www.kieranlane.com/2012/12/12/resetting-administrator-password-windows-2008/
http://www.kieranlane.com/2012/12/12/resetting-administrator-password-windows-2008/
Cryptolocker is showing up as ransomware. are you sure that's what you used?
ASKER
Sorry. Meant bit- locker windows
There should have been a recovery key established when you encrypted the drive/partition. I would use that method as opposed to renaming files and deleting files. You may force your data into a "lock-down" state.
ASKER
Key is not available.
Any other method?
Any other method?
No key, no data. I don't think you can do anything without the key.
Please be precise about the Bitlocker encryption. What protector did you use, TPM?
Long story short: yes, if the server still boots beyond Bitlocker authentication, then there are ways to reset all passwords. And yes, we may modify Bitlocker encrypted disks offline if we have the key.
Do: details please on the encryption:
TPM
TPM+PIN
Startup Key?
Long story short: yes, if the server still boots beyond Bitlocker authentication, then there are ways to reset all passwords. And yes, we may modify Bitlocker encrypted disks offline if we have the key.
Do: details please on the encryption:
TPM
TPM+PIN
Startup Key?
ASKER
I can't provide any details as I was not the one who set it up. there absolutely no information available.
Does the PC boot without bitlocker password or not?
ASKER
Yes
Ok, then we could solve it if you have administrative rights, but that's what you lack, that's why you try the offline modifications, right?
ASKER
Right. When i try password reset methods drives can't be read
Since non-admins cannot reset BL protectors, we cannot circumvent BL. Thus, we cannot use any password offline resetters.
Your only bet is FireWire. If the machine has a FireWire port, you could use the FireWire hack. But FireWire on a server? Or is it desktop hardware?
Your only bet is FireWire. If the machine has a FireWire port, you could use the FireWire hack. But FireWire on a server? Or is it desktop hardware?
ASKER
2008 r2
That is your OS, I asked for FireWire ports.
ASKER
no firewire ports. I guess I could try to find a card.
what is the process to get it done via firewire?
what is the process to get it done via firewire?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
what software are they talking about on the video??
There are two videos at least...
The first link shows methods mostly based on the software Winlockpwn.
The softwares/devices used to read out the RAM in the second video: I don't know, but there will be instructions somewhere on the web if you google "cold boot attack".
The first link shows methods mostly based on the software Winlockpwn.
The softwares/devices used to read out the RAM in the second video: I don't know, but there will be instructions somewhere on the web if you google "cold boot attack".