Can someone help me. I cant remember the command to copy the SAM file while in knoppix std. could you help me out.

chntpw is used to reset the Administrator passwd and edit the registry

There is a way to get the password with knoppix std but i cannot remember the command.

Unless STD brings any cracking programs, not password reseters, you would have to either 1) Reset the password or 2) keep reading.

REMEMBER, before you do this possibly save yourself the hassle and find out if STD brings a cracking program. I am sorry I can not tell you this because I have never used STD.

1. Mount your windows partition.
2.Navigate to the following directory /Windows/System32/Config
3.Copy the sam file to any removable media large enough. (use a usb key or, if you have two drives, and cd/dvd burner. Zip will work fine. If you had very few accounts and account data it MIGHT fit on a floppy.
4. Go to a windows machine that works and download a windows nt password cracker (l0pth crack is popular one but it is expensive)
5. Insert the media with the SAM file. Edit: copy the SAM file to your harddrive as it will speed things up.
6. Run the cracker and load the SAM file.
7. Start the cracking process
8. Be patient it can take a long time for this to finish.

Tell me if it works

Ya i know but i was going to use lopht crack or sam inside. but i still dont no the shell command to copy the file onto the thumb drive that was my qeustion.

I tried this last month, it gave me so much trouble I downloaded MandrakeMove.

I had to do all sorts of mounting with different options (STD mounts my USB key ro) and I had to SU a few times.

MandrakeMove had the same problem. Therefore I went to my last resort - I put my Gentoo DVD in and copied it from the pre-install environment.

Basically, the command should be:
I'm pretty sure something is wrong in there, and I can't remember the SAM location for the life of me.

That assumes your USB key (normally /dev/sda1) is mounted at /mnt/sda1 and that your windows drive (mine is /dev/hda1) is mounted at /mnt/win

Hope that helps somehow.

ya it does thanks man

Before proceeding, this XP machine you are the owner and sysadmin of? If not, helping others to crack or change passwords on this site is forbidden and this thread will be closed if you do not reply in accordance.

Regards.

You will never crack the password unless its a dictionary word or some other equally dumb password. XP uses one way encryption for the users passwords. Even if you hade a top of the line computer it will take you years because the only way is a brute force attack. Good Luck.

8. Be patient it can take a long time for this to finish.

lol, yeah about a couple of years, maybe even decads or centuries.

there is a linux-based live CD.. i don't know exactly the name of it.. but I just have it labeled as 'rescue disk' and it will allow you do change or blank any windows nt-based password(NT, 2000, XP) I don't remember wher i downloaded it.. but I could perhaps make an image of the disc.. it's only like 20MB I think??

It offers various other utilities like a registry editor and stuff.. I have only ever use the password reset though..

To change the password does not always work(i.e. - the password you changed it to doesn't work allt he time) but blanking the password (done by entering * for the password) works 100%

Moved: This thread is more suitable in General, and has been moved accordingly to help your thread/question get the exposure it deserves.

I am having trouble recognizing my hard drive with Knoppix STD. It is a Serial ATA, and i would like to recover some data from it...

hmmm....windows xp does use LM hash doesnt it??
It will probably take like a minute to crack a password of a very complex type. Use rainbow tables...use online crackers...

PS damn...didnt see the date

Yes, it's very easy. I helped write a guide on Wikibooks a while ago about how to do this. Please feel free to improve it.