nerdexam
EC-Council

312-50V10 · Question #6

You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, y

The correct answer is C. CHNTPW. When physical access to a Windows system is available and the password is unknown, a live Linux environment can be used to directly manipulate the Windows SAM database. CHNTPW is the tool designed for exactly this purpose.

System Hacking

Question

You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user's password or activate disabled Windows accounts?

Options

  • AJohn the Ripper
  • BSET
  • CCHNTPW
  • DCain & Abel

How the community answered

(26 responses)
  • A
    8% (2)
  • B
    4% (1)
  • C
    88% (23)

Why each option

When physical access to a Windows system is available and the password is unknown, a live Linux environment can be used to directly manipulate the Windows SAM database. CHNTPW is the tool designed for exactly this purpose.

AJohn the Ripper

John the Ripper is a password cracking tool that attempts to recover passwords through brute-force or dictionary attacks on password hashes - it does not directly modify or reset account passwords.

BSET

SET (Social Engineering Toolkit) is a framework for performing social engineering attacks such as phishing and credential harvesting, and has no capability to modify Windows account databases.

CCHNTPWCorrect

CHNTPW (Change NT Password) is an offline Linux-based utility that directly edits the Windows SAM (Security Account Manager) registry hive, allowing a user to reset or blank any local account password and re-enable disabled or locked accounts without knowing the original password. Booting from a LiveCD like Ubuntu provides full access to the NTFS filesystem where the SAM file resides, making this attack possible without any network access or OS login.

DCain & Abel

Cain and Abel is a Windows-based password recovery and network sniffing tool that runs within a live Windows OS session, making it unusable from a Linux LiveCD to modify offline Windows accounts.

Concept tested: Offline Windows password reset using CHNTPW

Source: https://docs.kali.org/tools/chntpw

Topics

#CHNTPW#offline password reset#Windows authentication#LiveCD tools

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice