Recovering passwords from a windows 2003 server

Sometimes when a business decide to switch his computer maintenance to another company switched company rejects to give server passwords with or without good reason.

There’s a lot of ways of reset administrator password, but recover any of then can be better.

If you need to recover passwords from a windows 2003 server a easy way is shutdown the server and start a linux live CD like ubuntu.

If you can access to windows filesystem you can access to SAM data, a database with local passwords 馃槢 .

You only need to copy %SystemRoot%/system32/config directory to a flash memory or another storage device.

Install into another computer Ophcrack software. In my laptop running fedora 21 executeas root

dnf install ophcrack

Download XP rainbow tables from here http://ophcrack.sourceforge.net/tables.php

Open ophcrack

Click on Tables -> install

and load downloaded tables

ophcrack load tables

Now at load button select Encrypted SAM and open the folder %SystemRoot%/system32/config recovered using Linux liveCD

ophcrack main windowand finally click on Crack button

recovered passwordsOnly took half minute, literally in recover 13 of 14 passwords.

Enjoy

 

 

 

creating replacing and resizing mdadm Raid 1

Raid controller

Sometimes hardware Raid controllers are very expensive to fit in low budget solutions, when this happens you can use software raid, like mdadm.

Normally hard disks have a limited lifetime. To avoid disasters I replace hard disk every two years, at same time that means that new hard disk will come in a bigger capacity. I will simulate this workflow.

Unfortunately I’m not a rich engineer yet and need to simulate hard disk, if you want to donate some hard disk leave me a comment 馃檪

step 1 and 2 are for create virtual hard disk,

REMEMBER MAKE BACKUPS BEFORE DO DANGEROUS THINGS LIKE THESE

Step 1: Create virtual hard disk

Imagine that in a beginning we have a couple of two hard disk with a capacity of one terabyte (1HD and 2HD), and after two years聽 we acquired two new hard drives with a capacity of three terabyte (3HD and 4HD).

I will use gigabytes instead terabytes for time and capacity reasons

as root

  • cd
  • mkdir mdadmtesting
  • cd mdadmtesting
  • fallocate -l 1G 1HD.raw
  • fallocate -l 1G 2HD.raw
  • fallocate -l 3G 3HD.raw
  • fallocate -l 3G 4HD.raw

Step 2: Associate created files with loop devices

  • losetup /dev/loop0 /root/mdadmtesting/1HD.raw
  • losetup /dev/loop1 /root/mdadmtesting/2HD.raw
  • losetup /dev/loop2 /root/mdadmtesting/3HD.raw
  • losetup /dev/loop3 /root/mdadmtesting/4HD.raw

Step3: create a mdadm device in raid 1 mode

  • 聽mdadm –create –verbose /dev/md0 –level=1 –raid-devices=2 /dev/loop0 /dev/loop1
  • mkfs.ext4 /dev/md0

finally we need to mount new raid and make some files

  • mount /dev/md0 /mnt
  • cd /mnt
  • for i in {1..100}; do echo $i > $i; done

Step 4 Replace one hard disk

we need to mark one hard disk as fail to replace

  • mdadm –manage /dev/md0 –fail /dev/loop0

remove disk from array

  • mdadm –manage /dev/md0 –remove /dev/loop0

attach new hard disk

  • mdadm –manage /dev/md0 –add /dev/loop2

check raid status and wait until raid state is setted as clear and not

State : clean, degraded, recovering

  • mdadm –detail /dev/md0

Step 5: Replace second hard disk

  • mdadm –manage /dev/md0 –fail /dev/loop1
  • mdadm –manage /dev/md0 –remove /dev/loop1
  • mdadm –manage /dev/md0 –add /dev/loop3

wait until state is clean

  • mdadm –detail /dev/md0

Step 6 Grow raid device

At this moment we have removed our old 1Tb disk and they have been replaced with a new 3Tb drive but our raid size is 1Tb we need to grow it

  • mdadm –grow /dev/md0 –size=max

Step 7 Grow filesystem

Our raid size is 3Tb but our file system is still at 1Tb we need to resize it

  • resize2fs /dev/md0

and finally we have our mdadm raid with new drives and a lot of free space.

Enjoy