Solved

Windows 10 Password cracking

Posted on 2016-08-02
21
68 Views
Last Modified: 2016-09-12
Hey guys,

We've used Ophcrack and NT Password in the past to crack passwords for previous versions of Windows but are hitting a wall with Windows 10. We've found that NT Password doesn't even load and we got not much further with Ophcrack.

Any suggestions on a program to crack a Windows 10 password?

For what it's worth, to complicate things slightly, this PC was 'forcibly' updated a couple of weeks ago through Microsoft's changing of the Window 10 FREE update from an optional to recommended update, and Window's taking up of that. It's not a straight Windows 10 installation, which I understand complicates things a bit.

Looking forward to hearing what options we have.

Thanks
0
Comment
Question by:Servant-Leggie
  • 10
  • 6
  • 4
  • +1
21 Comments
 
LVL 53

Expert Comment

by:McKnife
ID: 41739981
Unless you use a microsoft account, there's no change. Local passwords can be blanked using boot disks like yours. If your win10 is encrypted however, bootdisks don't work unless they let you enter the encryption keys, first.
0
 

Author Comment

by:Servant-Leggie
ID: 41739987
McKnife, they're using a 'vanilla' Windows 10 with no encryption. We've gone down the path of password resetting through Microsoft as the user did create a new Microsoft account and cannot remember the password. However, the problem is that the email address (and username the set includes a typo (@ooutlook.com), so even if an email with password reset instructions was sent to them, they couldn't receive it.

Is there any way of enabling the display of the default local 'Administrator' account or something, or is that not an option?

I can remove the HDD and connect external to our testing machines here, so if there is some way of isolating or resetting the password this way, we can try it.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41739998
"Is there any way of enabling the display of the default local 'Administrator' account or something, or is that not an option?" Sure, using your nt password and registry editor ("pogostick") boot disk.
Activate the account "administrator" with it, and set its password blank, logon with it, dump that ooutlook-account and create new accounts as needed.
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 41740006
Can you use Pogostick offline to reset the password (as also suggested by McKnife above)?
0
 

Author Comment

by:Servant-Leggie
ID: 41740108
Thanks McKnife and John Hurst. NT Password seems to lock up (I've made sure I have the most recent version, even though that latest version is several years old), but I'll give it another try now and will let you know how I go.
0
 

Author Comment

by:Servant-Leggie
ID: 41740190
Hi guys, It still gets stuck after:

"Decompressing Linux... (etc)"
"Booting Kernel"

Just sits there for ages and ages (30mins +) until I decide that I've been more than patient.

Any ideas why this is occurring?

I thought it might be an SSD which was also connected, but this has since been disconnected and the same issues are seen. No USB drives or devices other that a USB kdb & mouse are connected.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41740196
That boot disk boots an OS (small Linux) and not all hardware is cooperating with it.
What you should do and what always works is this: https://www.technibble.com/bypass-windows-logons-utilman/
It only needs some windows boot medium (USB or dvd) with win7/8/10 on it.
0
 
LVL 91

Assisted Solution

by:nobus
nobus earned 500 total points
ID: 41740197
it can be caused by many things; i would start by running a ram test (i use the ubcd for this; see below
for testing an SSD, best use the manufacturer's tool - what model is it?
Hardware diagnostic CD    UBCD
---------------------------------------------------
go to the download page, scroll down to the mirror section, and  click on a mirror to start the download
Download the UBCD and make the cd   <<==on a WORKING PC, and boot the problem PC from it
Here 2 links, one to the general site, and a direct link to the download

since the downloaded file is an ISO file, eg ubcd527.iso - so you need to use an ISO burning tool
if you don't have that software, install cdburnerXP : http://cdburnerxp.se/

If you want also the Ram tested - run memtest86+ at least 1 full pass,  - you should have NO errors!
 
For disk Diagnostics run the disk diag for your disk brand (eg seagate diag for seagate drive)  from the HDD section -  long or advanced diag !  (runs at least for30 minutes)

http://www.ultimatebootcd.com/      

**  you can make a bootable cd - or bootable usb stick
*** note *** for SSD drives  use the tool from the manufacturer, like intel 's toolbox :
https://downloadcenter.intel.com/download/18455/Intel-Solid-State-Drive-Toolbox

for completeness -here's how i handle disk problems : http://www.experts-exchange.com/Storage/Hard_Drives/A_3000-The-bad-hard-disk-problem.html
0
 

Author Comment

by:Servant-Leggie
ID: 41757220
Hey guys,

Sorry for my delayed reply- just spent a week in Northern Australia which was amazing!

I'll be trying all previously-unattempted solutions shortly and will let you know how I go.

...
0
 

Author Comment

by:Servant-Leggie
ID: 41761984
nobus, replaced RAM with known-working and still had a problem. Did remove drive and connected it to another PC and ran NTPassword on it. All appeared to work well, but now Windows won't boot and startup repair doesn't seem to do the trick.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 91

Expert Comment

by:nobus
ID: 41762009
how far does the boot go?  what screens do you see - and the last one?
0
 

Author Comment

by:Servant-Leggie
ID: 41764769
nobus, when the PC boots I'm able to see the motherboard (ASROCK) splash screen with the function key options in the lower-right corner of the screen. Other than the logo and text, the screen in pretty 'black'. However, shortly after the splash screen disappears, the screen brightens slightly (but noticeably), then the monitor flicks up with a notification for a split second pertaining to it's input. The ASRock splash screen is seen again, but this time after it disappears I'm met with an option to conduct a Windows Startup Repair scan or to start the PC normally. I'm not even getting to the Windows splash screen.
0
 
LVL 91

Expert Comment

by:nobus
ID: 41764836
>>    I'm met with an option to conduct a Windows Startup Repair scan or to start the PC normally  <<  this indicates it is booting from the disk - but cannot get to the end; probably a corrupt os

This has nothing to do with passwords imo

for repairing,a windows system, best boot from a windows 10 install cd - and choose repair this pc

how was this system setup?  you talked about a liinux version?
0
 

Author Comment

by:Servant-Leggie
ID: 41766365
nobus, this system was initially a Windows 7 PC which was upgraded to Windows 10 (automatically by Microsoft while the client was away from her PC). She wants it rolled back to Windows 7 as soon as I can get into it, assuming that we haven't gone past the 30 days (I fear we may have).

I'll run the OS repair and we'll see how that goes - you're right, this is a separate issue now to the original password cracking assistance request.

I only mentioned linux as part of running NTpassword on boot via a CD/DVD.
0
 
LVL 91

Expert Comment

by:nobus
ID: 41766414
ok - tx for the info - it clears up some bits
i had a few problems with riollback - that did not work well after the rollback; and had to do a fresh install
i hope you will have more luck !
0
 

Accepted Solution

by:
Servant-Leggie earned 0 total points
ID: 41789057
Thanks nobus & McKnife for your awesome suggestions. Unfortunately, none of them did the trick, though I'm sure they would have if this machine had behaved.

In the end, I just backed up the data and completed a format reinstall of Windows 7. Not ideal, but no client data lost, which is the main thing.

Not really sure why this system had so many issues, though the end user upgrading to Windows 10 and then creating a liver account with an invalid domain (ooutlook.com, in their case) certainly did us no favours. Nevertheless, all is up and working now, which I'm very happy about. Thanks again for all your collective assistance!
0
 
LVL 91

Expert Comment

by:nobus
ID: 41789062
there are many win10 problems...
0
 

Author Comment

by:Servant-Leggie
ID: 41789075
nobus, you're not wrong, though I'm starting to warm to it as an OS, but still think Win7 was the most stable OS they've ever put out... at least, on first release it seemed to me to be better than any other Windows OSs at that same stage of development.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41789126
You can honor more than one person if you found the suggestions helpful.
If you have difficulties using the methods in suggestions, let us help you - we know how to overcome problems. It's better than to say "in the end, after nothing has worked" :-)
0
 
LVL 91

Expert Comment

by:nobus
ID: 41789292
>>   but still think Win7 was the most stable OS  <<  many still say that about XP
but even if i'm no fan of win10 - we will have to use it; if not now - then later on, unless there 's a fast upgrade to windows11 coming out
0
 

Author Closing Comment

by:Servant-Leggie
ID: 41793888
Thanks to all who assisted with this fix!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
This is an article about Leadership and accepting and adapting to new challenges. It focuses mostly on upgrading to Windows 10.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now