Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

windows 2008 password reset

Posted on 2014-03-07
18
Medium Priority
?
301 Views
Last Modified: 2014-03-10
will this work if cryptolocker was used to encrypt drive partitions?

http://www.kieranlane.com/2012/12/12/resetting-administrator-password-windows-2008/
0
Comment
Question by:Anthony H.
  • 8
  • 7
  • 2
  • +1
18 Comments
 
LVL 14

Expert Comment

by:Zac Harris
ID: 39913313
Cryptolocker is showing up as ransomware. are you sure that's what you used?
0
 

Author Comment

by:Anthony H.
ID: 39913319
Sorry. Meant bit- locker windows
0
 
LVL 14

Expert Comment

by:Zac Harris
ID: 39913341
There should have been a recovery key established when you encrypted the drive/partition. I would use that method as opposed to renaming files and deleting files. You may force your data into a "lock-down" state.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:Anthony H.
ID: 39913497
Key is not available.

Any other method?
0
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 39913748
No key, no data.  I don't think you can do anything without the key.
0
 
LVL 58

Expert Comment

by:McKnife
ID: 39914472
Please be precise about the Bitlocker encryption. What protector did you use, TPM?
Long story short: yes, if the server still boots beyond Bitlocker authentication, then there are ways to reset all passwords. And yes, we may modify Bitlocker encrypted disks offline if we have the key.

Do: details please on the encryption:
TPM
TPM+PIN
Startup Key?
0
 

Author Comment

by:Anthony H.
ID: 39914721
I can't provide any details as I was not the one who set it up. there absolutely no information available.
0
 
LVL 58

Expert Comment

by:McKnife
ID: 39914794
Does the PC boot without bitlocker password or not?
0
 

Author Comment

by:Anthony H.
ID: 39914812
Yes
0
 
LVL 58

Expert Comment

by:McKnife
ID: 39915046
Ok, then we could solve it if you have administrative rights, but that's what you lack, that's why you try the offline modifications, right?
0
 

Author Comment

by:Anthony H.
ID: 39915049
Right. When i try password reset methods drives can't be read
0
 
LVL 58

Expert Comment

by:McKnife
ID: 39915082
Since non-admins cannot reset BL protectors, we cannot circumvent BL. Thus, we cannot use any password offline resetters.
Your only bet is FireWire. If the machine has a FireWire port, you could use the FireWire hack. But FireWire on a server? Or is it desktop hardware?
0
 

Author Comment

by:Anthony H.
ID: 39915085
2008 r2
0
 
LVL 58

Expert Comment

by:McKnife
ID: 39915166
That is your OS, I asked for FireWire ports.
0
 

Author Comment

by:Anthony H.
ID: 39915184
no firewire ports. I guess I could try to find a card.

what is the process to get it done via firewire?
0
 
LVL 58

Accepted Solution

by:
McKnife earned 2000 total points
ID: 39916961
That card would need to get auto-installed, so you would need to find one that works with Windows' built-in drivers. http://www.youtube.com/results?search_query=firewire+hack Shows the process.

If not possible, your last Resort is a cold-boot-attack: http://www.youtube.com/watch?v=JDaicPIgn9U
0
 

Author Comment

by:Anthony H.
ID: 39919493
what software are they talking about on the video??
0
 
LVL 58

Expert Comment

by:McKnife
ID: 39919714
There are two videos at least...
The first link shows methods mostly based on the software Winlockpwn.
The softwares/devices used to read out the RAM in the second video: I don't know, but there will be instructions somewhere on the web if you google "cold boot attack".
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question