Professional Documents
Culture Documents
2
.
.
Author :
Moslem Haghighian
L4tr0d3ctism
Location :
Sanandaj
Greeting to :
SHabgard Digital Security Groups Members
SpideR
: 1
: 2
...
.
.
. .
.
.
administrator
) User Accounts (Control Userpasswords2
) lusrmgr.msc( Local Users And Groups
Net User Command
syskey
SYskey Administrator
guest admiistrators
Welcom Screen
-
Ubuntu Live CD
NTPswd
PC Login Now
Winrar
-
Access Administrator
Program Protector
Anfibia Deskman
Access lock
Private Encryption
XP Smoker
Lock My Pc
PC Security Tweaker
PC Security
Securr Browser
Securr Browser
Password Door
FolderMage Pro
Stealth Encrypto
Private Desktop
nod32
Hide My Folders
Private Pix
Clear Lock
Security Administrator
Anti porn
FolderGuard
.
.
.
.
( )
.
.
User name,
9
... Login , Id , User Id . Moslem
Admin Member
Admisnitrator , Guest
Guest
administrator
System .
. .
( (
( (
.
3
- 1
- 2
- 3
10
. .
.
.
.
.
3
11
Administrator
power users
: Sharing .
Guests
backup operators
network configuration
operators
replicator group
replication
. DC
.
users group
.
.
debugger users
.
.
12
.
.
.
every one
authenticated
users
anonymous log
( )
on
creator owner
...
dial up
intractive group
Network group
13
Adminsitrator .
Power Users
administrator
.
.
User , Password
. .
DataBase
DB
) Authority .
LSA SAM
( SAM DB )
Desktop
.
Administrator .
14
administrator
XP
Welcom Screen
administrator (
Delete
15
:
Administrator
.
.
.
Power User administrator
. .
.
16
17
UserS
Set Password ... Proceed .
( )
18
Account 1sp1d3r t34m .
: 1
: 2
: 3 ""
"U S E R" "P a S s W o R d"Net user
Spider Team ( )
: 4 ""
Net User User
.
.
Guests
.
.
Local And Users Groups Users
Properties ( ( Member Of
19
Add Select Groups ...Advanced
.
Administrator .
20
. PSW
.
User Account
Prevent a Forgotten password (
).
Next .
20
Next
.
UsB Format .
Next .
21
Next .
Next
Next Finish .
22
23
Switch User
Adminsitrator
.
24
Password Hint .
25
syskey
Limit Guest
Syskey
.
.
26
SYskey Administrator
.
bootable
.
%winddir%\repair
%winddir%:\WINDOWS\system32\config
.
Administrator Syskey
. 7 Regback Config
Repir
.
guest admiistrators
sysshell
Spoolsv System32 . Spoolsv .
fat Fat32 .
27
Spoolsv
spoolsv
.
A:\copy c:windows\system32\spoolsv.exe c:\ spoolsv.exe
spoolsv \:C
spoolsv System32 .
A:\ copy spoolsv.exe c:\windows\system32\spoolsv.exe
Guest
Administrator Net user administrator l4tr0d3ctism
administrator L4tr0d3ctism .
Spoolsv Spoolsv
.
copy c:\spoolsv.exe c:\windows\system32\spoolsv.exe
Del C:\spoolsv.exe
ntfs
Boot spoolsv .
$mnt/nt1/spoolsv.exef/ cp /mnt/windows/system32/spoolsv.exe
28
spoolsv system32
nt1
\ C: .
Spoolsv
$mnt/nt1/windows/system32/spoolsv.exe/ sc /mnt/nt1/spoolsv.exe
guest
Guest Syskey .
Welcom Screen
Welcom Screen Exe
.
welcom screen
System .
System .
Welcom screen .
.
Seven
29
Displayswitch.exe sethc.exe narrattor.exe magnify.exe OSK.exe - utilman.exe
XP
1 exe Exe
) Shell(text1.text
OSK.exe bootable
BOOT OSK.EXE SYSTE32 OSK
. Boot
OSK.exe \ C:
.
30
Welcom Screen Win + U
. on Screen
keyboard .
Taskmgr
31
Cmd
Regedit
32
explorer System Seven .
CMD.exe
. CMD.exe Sethc.exe .
Sethc.exe Shift
.
33
5 6 Shift
.
Sethc.exe
C:\Windows\System32\Sethc.exe
CMD.exe Sethc.exe System32 .
.
copy c:\windows\system32\sethc.exe c:\sethc.exe
copy c:\windows\system32\cmd.exe c:\windows\syetm32\sethc.exe
5 Shift
CMD sethc.exe Net User administrator 123
administrator ... .
34
Safemod
Syskey .
.
SAM
MD4
( ) MD4 SAM
.
NTFS
35
NTFS4Dos
Fat32 .
- 1 USB Flash (
)
- 2 Run
SAM
- 3 Sam
- 4 ...
36
PasswordChanger.exe
SAM .
: Chose The Logical Drive
.
: Search For MS SAM database(S) On All Hard Disks And logical drive
SAM .
.
37
. Next
.
SAM
Sam .
Vista XP WINDOWS\SYSTEM32\CONFIG .
Next .
administrator
.
38
Ubuntu Live CD
Ubuntu
live Ubuntu Hiren boots 12 .
Xp (SP1,2,3) , Vista , Seven ,
) Windows server (2003 , 2008 . chntpw .
39
chntpw
,universe repository .
Synaptic
40
ReLoad
Open source .
41
. Mark For Installation .
Applay .
APPLY .
42
.
64 BIT 64 chntpw
Ubuntu . DEB .
http://packages.debian.org/sid/amd64/chntpw/download
43
.
cd Downloads
*sudo dpkg i chntpw
44
Chntpw Ubuntu
chntpw SAM
. .
.
Places Filesystem .
45
Title bar .
cd /media
46
Ls
.
> < CD
cd WINDOWS/system32/config/ Config .
SAM
47
: Clear ( Blank ) user password 1 .
: Edit ( Set new ) userpassword 2
: Promote User (Make user an administrator ) - 3
:Unlock and enable user accounts 4
1 Y .
48
Syskey .
NTPswd
ntpswd
Fat32 NTFS
Xp (sp2-sp3),vista , Seven .
.
.
http://pogostick.net/~pnh/ntpasswd/bootdisk.html
windows 2000 ,
49
. ISO .
Press ENTER at the boot: prompt, shown above
Load
50
Enter .
Hive
Config SAM .
Windows\System32\Config Enter
51
Sam 1 Sam
Enter .
1 Password USER .
52
.
Administrator
.
.
1 .
2
3 Limited administrator .
- 5 .
- 6 q .
( 1 )
53
"!"
" ".
)RID(Hex
! .
!
Sam
q Sam .
54
q .
Y N
Y n
55
56
.
Syskey
PC Login Now
PC Login .
NT Vista Xp
Seven . CD Boot
CD Boot
1
57
2 . Normal Boot
.
load
.
Next .
58
Sam .
59
Next .
. .
60
Windows Login Password Professional
Windows Login Password Professional
.
.
Windows 7/Vista/XP/2008/2003/2000 Server
2008/2003/2000 .
.
Next .
CD
.
.
USB
Burn
61
Close
62
USB Flash CD
Sam .
Next
63
Reset
Next
Reboot .
64
Winrar
.
winrar
.
Winrar
AES 128
.
Rar .
40% .
Rar ...
... .com Rar
www. .
comment
...
65
.
comment ... (
) Sanandaj
shabgard
shabgard.org
www.shabgard.org
Shabgard
Shabgard.org
www.Shabgard.org
WWW.SHABGARD.ORG
( )
( (
Rar ...
( )
.
Rar SST
( )
66
.
.
123456
12312355555
.
... zerangtarinam
%90
. :
...
Winrar
67
1 ( ) Dictionary
2 ( ) Brute Force
Dictionary
DB
.
.
TXT
.
brute force
1
20 100%
Winrar
{| s04(#P5?< R 13
4 -3 .
. D :
Brute force
68
.
...
1000
0000
Client1
2000
1001
Client2
3000
2001
Client3
4000
3001
Client4
4001
Client5
Client6
Client7
...
.
.
69
) .
:d ............. .
Access Administrator
.
HKEY_LOCAL_MACHINE\SOFTWARE\Access Administrator
f94b2aa 281744411 .
Program Protector
.
\HKEY_LOCAL_MACHINE\SOFTWARE\Karlis Blumentals\Program Protector\3.0
password .
70
Anfibia Deskman
C:\users\ All Users\Application Data\Deskman9\
. deskman.dat
Access lock
C:\users\ All Users\Application Data\Access Lock
. f2c01301.dat
71
Private Encryption
dwphtlts.dvr Show Hidden My Documents
.
HKEY_CURRENT_USER\Software\Microsoft\trsys\copp\
u
HKEY_CURRENT_USER\Software\Microsoft\trsys\copp\
. t
XP Smoker
HKEY_LOCAL_MACHINE\SOFTWARE\WareSoft Software\XP Smoker
. Password Set
Lock My Pc
HKEY_LOCAL_MACHINE\SOFTWARE\FSPro Labs\Lock My PC 4
. hkSm
72
PC Security Tweaker
HKEY_LOCAL_MACHINE\SOFTWARE\PC Security Tweaker
DEFAOPTIONS
st Security Agent1
HKEY_LOCAL_MACHINE\SOFTWARE\1st Security Agent
. DEFAOPTIONS
PC Security
X:\windows
gercescp.dvr
dwpces23.dru
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\trsys\copp\
S
73
Securr Browser
X:\windows
gerwrbes.dvr
b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Secsys\copp
Securr Browser
X:\windows
gerwrbes.dvr
b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Secsys\copp
Password Door
. End TLPD.exe
X:\User\All Users\Application Data\TopLang\Password Door
. PDoor.dat
74
FolderMage Pro
X:\windows\deff1.dat
Stealth Encrypto
X:\windows
.
GERHTS61.DRU
DWPHTS61.DRU
Private Desktop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\trsys\pd
p
X:\windows
gerkseds.dvr .
75
nod32
. Safemode
HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info
. PackageID
Hide My Folders
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\H FCore
. Password
Private Pix
HKEY_CURRENT_USER\Software\Microsoft\Secsys\pm
. pwd
76
Clear Lock
HKEY_LOCAL_MACHINE\SOFTWARE\1st Security Agent
DEFAOPTIONS
Security Administrator
HKEY_LOCAL_MACHINE\SOFTWARE\Security Administrator
DEFAOPTIONS
Anti porn
:D
:d
Safe mode
X:\windows\Eleathe.bmp
FolderGuard
HKEY_LOCAL_MACHINE\SOFTWARE\WinAbility\FGD
FGP
X:\Users\All Users\Application Data\Folder Guard
FGp
77
.
.
.
.
78
Spider Security Team
From sanandaj
Author : Moslem Haghighian ( l4tr0d3ctism )
3mail : l4tr0d3ctism@yahoo@gmail@hotmail.com
Special Thanks To :
All SHabgard Digital Security Groups Members
All Black Hat Group Security Center members
|=453 914I-; 914I-;3