ComputerSecurityStudent (CSS) [Login] [Join Now]




|FORENSICS >> Hiren's BootCD >> Current Page |Views: 179620

(Hiren's: Boot CD)

{ Offline NT/2000/XP/Vista/7 Password Changer }


Section 0. Background Information
  1. What is Hiren's Boot CD?
    • Hiren's BootCD is a boot CD containing various diagnostic programs such as partitioning agents, system performance benchmarks, disk cloning and imaging tools, data recovery tools, MBR tools, BIOS tools, and many others for fixing various computer problems. It is a Bootable CD; thus, it can be useful even if the primary operating system cannot be booted.
    • http://www.hiren.info/pages/bootcd

  2. Lab Notes
    • In this lab we will do the following:
      1. Download the Hiren's iso
      2. Boot Damn Vulnerable WXP-SP2 into the Hiren's Environment
      3. Use the Offline Password Changer to clear the Administrator's Password

  3. Pre-Requisites
  4. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2012 No content replication of any kind is allowed without express written permission.
Section 1: Prerequisite
  1. Open A Firefox Browser
    • Notes:
      • Login to the machine that has VM Player Installed.
    • Instructions:
      1. Click on the Windows Start Button
      2. Type firefox in the search box
      3. Click on Mozilla Firefox

     

  2. Place Link in Firefox Browser
    • Instructions:
      1. Place the following address in the Firefox Browser
        • http://www.hirensbootcd.org/files/Hirens.BootCD.14.0.zip
      2. Click OK to download

     

  3. Navigate and Save
    • Instructions:
      1. Navigate to the directory of your choosing.
        • In my case, E:\Hirens
      2. Click Save

     

  4. Open Download Folder
    • Instructions:
      1. Tools --> Downloads
      2. Right Click on Hirens.BootCD.14.0.zip
      3. Click on Open Containing Folder

     

  5. Extract Hirens
    • Instructions:
      1. Right click on Hirens.BootCD.14.0.zip
      2. Mouse Over on 7-Zip
      3. Click Extract Here

     

  6. View Results
    • Note(FYI):
      1. Among other files you should see the Hiren's ISO File.
        • Hiren's.BootCD.14.0.iso

     

Section 2: Configuring VMware to play Hiren's
  1. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Damn Vulnerable Windows XP
      2. Click on Edit virtual machine

     

  2. Configure CD/DVD (IDE)
    • Instructions
      1. Click Configure CD/DVD (IDE)
      2. Check Connect at power on
      3. Click the radio button "Use ISO image file:"
      4. Click the Browse button and Navigate to the location of the Hiren's.BootCD.14.0.iso
      5. Click the Options Tab

     

  3. Configure Operating System Settings
    • Instructions
      1. Click on General
      2. Guest operating system: Linux
      3. Version: Other Linux 2.6.x kernel
      4. Click on OK

     

  4. Start Damn Vulnerable WXP-SP2
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Play virtual machine

     

  5. Access the Boot Menu

     

  6. Boot from CD-ROM Drive
    • Instructions
      1. Arrow Down to where CD-ROM Drive is highlighted
      2. Press <Enter>

 

Section 3: Starting up the Offline NT/2000/XP/Vista/7 Password Changer
  1. Select "Offline NT/2000/XP/Vista/7 Password Changer" (See Below)
    • Instructions
      1. Arrow Down to Offline NT/2000/XP/Vista/7 Password Changer
      2. Press Enter

     

  2. Linux Kernel Boot options
    • Instructions
      1. Press Enter.

     

  3. Partition Selection
    • Instructions
      1. Type "1"
      2. Press Enter.

     

  4. Unclean File System Message
    • Instructions
      1. Do you wish to force it (y/n) [n] y
      2. Press Enter.

     

  5. What is the path of the registry directory?
    • Instructions
      1. [WINDOWS/system32/config] Just Press Enter

     

  6. Select which part of the registry to load
    • Instructions
      1. Type "1"
      2. Press Enter.

     

  7. Select Hive
    • Instructions
      1. Type "1"
      2. Press Enter.

     

  8. Type in the username that you would like to reset.
    • Instructions
      1. Type "Administrator"
      2. Press Enter

     

  9. User Edit Menu
    • Instructions
      1. To clear the password, select 1.
      2. Press Enter
    • Notes(FYI)
      • You also have the ability to do the following
        1. Set a new password
        2. Promote a user to an Administator
        3. Unlock Accounts

     

  10. Reviewing Results
    • Instructions
      1. There will be a message that says "Password cleared!"
      2. To quit the application, type "!"
      3. Press Enter

     

  11. Back to Loaded Hives Selection
    • Instructions
      1. Type "q" to quit.
      2. Press Enter

     

  12. Writing back changes selection
    • Instructions
      1. Type "y" to save changes.
      2. Press Enter

     

  13. New Run Selection
    • Instructions
      1. Type "n" to quit
      2. Press Enter

 

Section 4: Proof of Lab
  1. Proof of Lab Instructions
    • Instructions:
      1. date
      2. Press <Enter>
      3. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
      4. Do a PrtScn
      5. Paste into a word document
      6. Upload to Moodle

     

  2. Poweroff Operating System
    • Instructions
      1. Type "poweroff"
      2. Press Enter

     

  3. CPU Disabled Message
    • Instructions
      1. Click OK

     

  4. Poweroff Virtual Machine
    • Instructions
      1. Virtual Machine --> Virtual Machine Settings --> Power Off
      2. Click Yes
     
Section 5: Configuring your original VMware back to play Windows XP
  1. Edit Virtual Machine Settings
    • Instructions
      1. Select Damn Vulnerable WXP-SP2
      2. Select Edit Virtual machine settings

     

  2. Configure CD/DVD (IDE) Settings
    • Instructions
      1. Select CD/DVD (IDE)
      2. Select the Use physical drive: Radio Button
      3. Select Auto detect
      4. Click on the Options Tab

     

  3. Configure Operating System Settings
    • Instructions
      1. Select General
      2. Guest operating system: Microsoft Windows
      3. Version: Windows XP Professional
      4. Click on the OK Button

     

  4. Start Damn Vulnerable WXP-SP2
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Play virtual machine

 

Section 6: Logging into Windows after password was cleared
 
  1. Login as user administrator (See Below)
    • Instructions:
      1. Remember you cleared the password, so leave the password field blank.
      2. Click on OK.

 

Section 7: Set Administrator's Password
 
  1. Open Control Panel
    • Instructions:
      1. Start --> Control Panel

     

  2. Open User Accounts
    • Instructions:
      1. Click on User Accounts

     

  3. Open the Administrator Account
    • Instructions:
      1. Click on Administrator

     

  4. Select Create a password
    • Instructions:
      1. Click on Create a password

     

  5. Create a password for your account
    • Instructions:
      1. Type a new password:
      2. Type the new password again to confirm:
      3. Click Create Password

 



Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth