Bypassing Safeboot Security System 4.2

Viewing 14 reply threads
  • Author
    Posts
    • #4428
      lsullivan64
      Participant

      Hi,

      I have been brought in by a company that has let go about 22 employees.  Each had a lap top which is protected by Safeboot Security System 4.2.  I have the log in for the Safeboot, but not the log in for the user on the computers.  I need to crack the passwords for the user accounts on the computers, actually I can erase it.  Has anone ever dealt with this?

      Thanks

    • #27865
      timmedin
      Participant

      @lsullivan64 wrote:

      I need to crack the passwords for the user accounts on the computers, actually I can erase it.

      What are you looking to do? That sentence doesn’t make sense to me?

    • #27866
      lsullivan64
      Participant

      I have the  computers.  I have the user and Password for Safeboot.  I don’t have the windows User and password.  I can either break the password or I can erase it. 

      I need to get past safeboot.  When i boot the computer I put in the safeboot user/pass and get to the windows log in.  Is there a way i can run a tool to remove the password?

      Any ideas would be apreciated.

    • #27867
      unsupported
      Participant

      IMHO, this does not sound kosher.  If you have the password for Safeboot, the company should also be able to provide you with the local administrator user name and password.

      What is your end goal with the systems beyond getting user names and passwords?

    • #27868
      rattis
      Participant

      if you have a domain controller, you can change the passwords on the DC and when the boxes connect to the network, you should be able to get into the systems after.

    • #27869
      lsullivan64
      Participant

      Hi,
      I don’t have the domain controler.  Because of some “Not Kosher” activities by people in the IT department I have been brought in. I have nothing to do with the company other than the “Higher Ups” hired me. 

      The end goal is the company wants to look at the computers to try to see who was involved in the activites that were bad.  If you want more inf I can let you know.  Put at hotmail dot com after my user name and I can provide.
      Thanks

    • #27870
      3PIL0GU3
      Participant

      If your tring to find bad activities wouldi it be more worthwhile taking an incident response/forensics approach to this problem

    • #27871
      lsullivan64
      Participant

      The bad activity is already known. It is more trying to find out who is actually involved. There will be no legal action. 

    • #27872
      timmedin
      Participant

      Try Kon-Boot

    • #27873
      lsullivan64
      Participant

      I looked at kon Boot.  Not sure it could help.  The trick is having to boot up and log into Safeboot then get past the windows password.  I don’t see hoe kon boot can let me do that.

    • #27874
      unsupported
      Participant

      Couldn’t you do the quick and dirty method of running a repair and wiping out the SAM database?  Is that even possible with newer MS OS?

      Just a thought.  But I still think this is a little fishy. 🙂

    • #27875
      lsullivan64
      Participant

      My understanding is that if you wipe any passwords without dealing with the disc encryption you will only have a brick left. 

    • #27876
      timmedin
      Participant

      I don’t know if Kon-Boot would work but it might. I would suggest trying it. All it does is load its code then calls the normal boot loader.

    • #27877
      mulberry
      Participant

      I’m pretty sure FTK 3 claims to deal with safeboot ( presumably when psswd is supplied ) but then again FTK 2 was going to break eggs with a big stick !

      But I don’t really get why the win admin login is a barrier IMHO I think you maybe want to re consider the methodology ? Even maybe a logical image ?

      Mulberry

    • #27878
      mulberry
      Participant

      Sorry – I take back my last paragraph – I do now get it. 😉

Viewing 14 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?