I got a request to make this instructable.
I will explain to you how you get the password of the local admin, network admin, and everyone else on the network.
Disclaimer: This instructable is for educational purposes only. Doing this at your own school may get you expelled or worse.
Only do this when you have permission from the system admin.
Note: GETTING THE NETWORK ADMIN does not work everywhere; you have to be lucky.
Note: The files used do not contain viruses, no matter what the scan says; just press "don't do anything".
Step 1: YOUR TOOLS
- A USB drive with a special PHP file I made. I'll give it to you during this instructable.
- A bootable Linux distro (I use Knoppix, but feel free to use anything else)
- A USB drive with the programs "Saminside" (check insidepro.com) and "Fgdump" (on foofus.net/fizzgig)
Step 2: GETTING THE LOCAL ADMIN part 1 version 1
Boot the computer and insert your USB drive.
Copy the file called pwd.php into the htdocs folder on your webserver.
Browse to http://localhost/pwd.php
Don't type anything in the fields and click the submit button.
If the virus scanner gives you a warning, try version 2 (you will need the program Saminside and the Linux distro).
You will be sent to the next page. Download the file from the link to your USB drive and, for the love of god, REMOVE PWD.PHP AND THE JUST CREATED FILE FROM THE HARD DRIVE.
You can skip version 2 and go to GETTING THE LOCAL ADMIN part 2.
Step 3: GETTING THE LOCAL ADMIN part 1 version 2
Turn off the computer and boot into Linux using your CD.
Once it's booted, get into the hard drive and go to WINDOWS/System32/config/. Then copy the sam and system files to your USB drive.
Boot back into Windows, start Saminside and import the sam and system files, then export to pwdump.