• Content count

  • Joined

  • Last visited

Everything posted by deiol

  1. I contemplated putting this in the Nubie HQ, but I feel this is more than just a "please show me how to crack a password, I want to be 1337!" question. I've used PWDUMP, LC4, LC5, and Cain before to crack passwords, this isn't new to me. For this, my roommate challenged me to crack his computer password, he knows nothing about computer, but he did something I've never seen before and I don't know what it is. He thought I would use my 'Guest' account to try to get his password, but he left his account on while he went to the bathroom and I was able to run PWDUMP2 and e-mail the results to myself. I cracked all the accounts on the computer except his, using LC5. His LM Password hash comes up as: aad3b435b51404eeaad3b435b51404ee Those familiar with cracking windows passwords know that this is a blank password. However his password is not blank... anyone know what could cause this? The full hash from PWDUMP2 is: Matt:1003:aad3b435b51404eeaad3b435b51404ee:93f28a5a088f518f7987ba4f8a3ff978::: Thanks for looking!
  2. Yeah, I have UltraVNC on the computer, so as soon as he walks away I can start working on his computer if I want, I don't have to get up and move. But if he's logged off, all I can do is look at the login screen. As far as a hardware keylogger, yeah I've been thinking of getting one just because its a good thing to have, but I don't have the money right now for it, plus he might actually notice is there since he goes behind his computer all the time to switch his speakers and headphones. The other option is a keylogger that installs inside the keyboard. Thanks diverter. That fake windows login app sounds interesting, maybe I'll give it a try, how does it work? Is it compatible with the cute WinXP Welcome Screen? Thanks for your help.
  3. that sneak! I just checked the registry and found out that he turned off LM hashes: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Add Key: NoLMHash He's working with someone...
  4. Do you mean a program that grabs the actual SAM file? Or just the hash? Cause PWDUMP is what I have always used, grabs the hash, but as you can see it doesn't work in this case.
  5. I have a hard drive adaptor that allows you to attach a regular IDE harddrive via firewire800. Its made by a company called wiebetech.
  6. Someone could be sending you messages from this website: I'm not sure if the site checks to make sure you've entered a valid phone number in the "from" box.
  7. Ah, how I loved sticky keys. My friends and I would make raps using sticky key sounds and ejecting the CD-ROM drives... the good ole days of high school
  8. I sugguested this site to a friend and they might actually use it, I will definately post here with the results if and when that happens.
  9. Oh yeah, I forgot to mention to use DVD-R disks.
  10. What brand of DVD burner are you using, and what brand set-top box are you using. Also, what brand blank DVDs are you using? I have a Plextor 16x DVD burner, and burning 16x Memorex DVDs hasn't given me a problem on any of my set-top boxes. I have an old dvd player, a really cheap dvd player, never a problem.
  11. I've never seen arctic silver melt or leak. I run my shizzle hotish and do a yearly cleanup on my machines (use orange cleaner to clean out heatsinks... gets them sparkly). Compared to tape, when I take off a sink, usually it's tape that is really skimpy and flakey... At least arctic silver you still have to wipe off the core before you reapply and refasten the sink. ← You shouldn't even be putting that much artic silver on, just a thin layer between the heatsink and processor is all you need, to fill in the little crevaces in both the heatsink and processor. Nothing should leak out, and I've been using it for years on my machines.
  12. I plan on going to HOPE in 06, I went in 04. I'd love to meet up with someone there cause I'm kind of anti-social, my friend and I just took in the sights. PM me.
  13. WTF. South Jersey rednecks don't need fiber.... Offtopic, how do I find out if I can get fiber round me? ← I live on the border of NY and NJ, in NJ. Most of the guys I work with in NY have fiber and my town is suppposed to be one of the first in northern NJ to get fiber to the house. They didn't say when, but I guess it will be soon.
  14. I hope someone here has some experience with mag cards. After a lot of delay due to school and work, I finally got my card reader working. I sucessfully swiped track 2 of my school ID and figured out what is on it. I modded the reader and now I am trying to read track 3 using stripe snoop. The problem is, every time I swipe track 3 in raw mode, I get a different output. Each swipe is similar from the last, but sometimes I will get double the numbers outputed the last time I swiped. I tried swiping the card 5 times right in a row and every swipe outputed something slightly different. Is this an error in the reader? Or is this just a fact of life, that the data encoded on the card can be misred sometimes and I'll have to figure out which swipe is the correct data. If it is the latter, any tips on doing so? Thanks
  15. I opened the side of the swiper, unscrewed the magnetic head, and moved it to the position for slot 3, and screwed it back in. I've since moved it back to the 2nd track position and it still reads track 2 correctly. From my research I have figured out that track 2 contains a number similar to a credit card number that is linked to a database. Each swipe of an external door, or swipe into the cafeteria, runs this number against the database to see if I can access the building or the cafeteria. That is all using the Diebold/CBORD campus card system. Track 3 is used for gaining access to my dorm room. It is an Onity door system similar to the one seen in hotels. The data on track 3 is encrypted and does not conform to ISO standards.
  16. forgot to mention, i don't know if it does the same at your school, but at my school when a blocked page came up, it gave the address or something similar. Seems like that is the IP address of the websense server, maybe do a port scan? There is a remote administration tool for websense, I forget the port it uses but the info along with the client was available at the websense website a year ago.
  17. Last year when I was in high school, I encountered Websense every day. They blocked tons of stuff, including a poem I needed for english class, and my computer teacher's website hosted at There are a few ways I got around it, both mentioned here. The first method I used was pinging the web address and getting the IP address. Sometimes it worked, even without the hex conversion. The other method I used was an https proxy. Websense doesn't filter port 443(https). (Not sure if this was only true for https:// sites or if its for port 443.) Bottom line, you could visit any secure website you wanted. This means either use a proxy that is https, or host your own at home and use SSL. I'm not sure if the connection needs to be encrypted to avoid websense, I don't think I ever visited a website on port 443 that wasn't SSL. You might also want to try port 81 or any other port for that matter when you make your proxy. If websense is only set up on port 80 like I imagine, then using a proxy on a non-80 port # will not allow websense to log the proxy you use as an unknown site for future review.
  18. don't those tools just back up the phonebooks? also, anyone know of any sim programmers that hook up to an ipaq 1945, either through SD or Bluetooth? I have one in the mail, thought it'd be cool if I could copy my sims to that.
  19. edit: removed useless info