I have a Windows XP installation on a VMWare hard disk. Today I tried to boot it, but… OOPS (no.. I don’t mean Object Oriented Programming and Systems… I mean..crap!). It seems I forgot the password of the installation. So a little adventure started…

1. After a bit of research I found out that there is ophcrack. I downloaded the live CD as an ISO image and set VMWare to load that CD.

2. When VMWare starts and before windows starts booting I clicked on the VMWare screen and pressed ESC. This gives me the menu to select the device I want to use to boot.

3. I chose to boot from the CD.

4. The ophcrack live CD starts loading, but when it finishes I get a:  “No partition containing hashes found” error.

5. The problem seems to be that the Windows installation is on a SCSI virtual disk that is not recognised by this distribution of linux. Tried “fdisk -l” on a terminal from within the ophcrack live CD and it didn’t return any results.  To be able to crack the password I need to have access to the “WIndows/System32/config/ folder of my virtual hard disk. So…

6.  I created a second virtual hard disk in the same VMWare virtual machine. I downloaded an ISO image of Ubuntu

7. Installed Ubuntu on the newly created hard disk.

8. Boot using Ubuntu. Ubuntu was able to access the virtual hard disk of the windows installation. I copied the folder “WIndows/System32/config/” on my local Windows 7 installation.

9. Downloaded ophcrack for Windows and installed it on my Windows 7. Also downloaded the XP Free Small Table.

10. Launched ophcrack and clicked on “Tables”->Install and selected the folder where I had downloaded the XP Free Small Table file (if it is a zip file you need to unzip it).

11. Select Load->Encypted SAM and select the “config” folder I had copied from the VMWare installation (through Ubuntu).

12. Got my password in 45 seconds!!

3 thoughts on “A small adventure comes to a happy end..

  1. Thanks for sharing this! The SCSI support was also my issue with accessing the Windows disk (#5 above).

    I found an easier solution though. After I switched the disk mode from SCSI to IDE in the VM settings (which you can do after shutting down), I restarted the ophcrack live CD, and it could retrieve the files and get the password. No need for a separate Ubuntu installation.

    Thanks again for writing this up – I could not have solved it without this post!

    Reply

Leave a reply

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> 

required

Page last modified: 05:55 on November 6, 2013 (UTC+2)