This works wheder its windows 2000 or windows xp or windows xp SP1 or SP2 or windows server 2003. This works even if syskey encryption is employed.

If it is FAT filesystem

Just copy de sam file like stated in de first post to an empty floppy disk and take it home. I’ll tell you what to do with it later. DON’T DELETE THE ORIGINAL SAM FILE. Just remove its attributes. The sam file is a file called SAM with no extension. YOU MUST ALSO GET a file called SYSTEM which is in de same folder as SAM. Both files have no extensions.

If it is NTFS

You have to download a program called NTFSPro. It allows you to read from ntfs drives. The themo version allows read only. The full version is read-write. You use de program to create an unbootable disk (so u will still need anoder bootable disk and an empty disk) that has de required files to access NTFS.

Use de boot disk to get into dos, den use de disks created with ntfspro to be able to access de filesystem, den copy de SAM and SYSTEM files to anoder empty disk to take home.

AT HOME: You have to get a program called SAMInside. It doesn’t matter if it is themo version. SAMInside will open de SAM file and extract all de user account information and deir passwords, includin’ administrator. SAMInside will ask for de SYSTEM file too if de computer you took de SAM file from has syskey enabled. Syskey encrypts de SAM file. SAMInside uses SYSTEM file to decrypt de SAM file. After SAMInside finishes, you still see user accounts and hashes beside them. The hashes are de encoded passwords. Use SAMInside to export de accounts and deir hashes as a pwdump file into anoder program, called LophtCrack. It is currently in version 5, it is named LC5. The previous version, LC4 is just as good. You need de full or cracked version of de program. LC5 uses a brute force method by tryin’ all possible combinations of letters numbers, and unprintable characters to find de correct password from de hashes in de pwdump file imported into it from SAMInside. This process of tryin’ all passwords might take 5 minutes if de password is easy, up to a year if de password is lon’ and hard (really really hard). LC5 howver, unlike LC4, is almost 100 times faster. Both can be configured to try dictionary and common words before usin’ all possible combinations of everythin’. Once de correct password is found, it will display de passwords in clear beside each account, includin’ administrator.

I use this method so many times. I’ve compromised de whole school computer infrastructure. LC4 usually took between 1 second and 10 minutes to find de passwords because dey were common words found in any en’lish dictionary. I haven’t used LC5 yet.

Programs needed:
SAMInside (doesn’t matter which version or if themo)
LC4 or LC5 (lophtcrack)( must be full version)
NTFSPro (doesn’t matter if themo)
Any bootdisk maker

This is an easy way to get to de folders on your system without havin’ to open a Windows Explorer Window every time you want to access files. I find it very useful to have this feature as it allows me to access my Folders and Drives immediately and saves me a lot of time.

This works in Windows XP:

1. Right Click an empty spot on your Taskbar (Between your Start Button and your System Tray).
2. Click Toolbars.
3. Click New Toolbar.
4. A Small Window will Open that allows you to pick de folder you wish to make a Toolbar. If you want to access your Desktop Without havin’ to minimize all your windows. Just Pick Desktop. If you want to access ONLY your My Documents Folder, Select that. Any folder will work for this.
5. Click OK.
The New Tool bar will appear at de bottom of your screen next to your System Tray.

If you find this to be not useful, Repeat Steps 1 and 2 and den check click de Toolbar you created that has a check mark next to it. And it will disappear.

Do you have data on a partition or hard drive that you don’t want tampered with or easily accessible to oder users? Well, you can hide any drive/partition in Windows XP, NT, and 2000. That means that dey won’t show up in Explorer or My Computer.

If you want access to that drive from your user account you should create a desktop shortcut before proceedin’. Once hidden, you can still access by typin’ de drive letter and a colon in Start/Run—for example, “D:” will brin’ up a folder of de contents on your D drive.

The easiest way with Win XP is to use de TweakUI power toy from Mcft. Go to Start/Run and type in “tweakui” (without de quotes).

Go to My Computer/Drives and uncheck de drive/partition(s) you want hidden. Click “Apply” or “OK” when finished.

If you have XP but not Tweak UI you can download it here…
www.Mcft.com/windowsxp/downloads/powertoys/xppowertoys.mspx

For Win NT, 2000, and XP you can use de followin’ Registry edit:

*Be sure to back up de Registry before proceedin’

www.worldstart.com/tips/tips.php/401

Open de Registry Editor by goin’ to Start/Run and typin’ in “regedit” (without de quotes). Find your way to…

HKEY_CURRENT_USER\Software\Mcft\Windows\CurrentVersion\Policies

Click on “Explorer”.

Double-click de “NoDrives” key in de right column. If you don’t find a “NoDrives” registry key, just right-click in de right pane and choose “New/DWORD Value” den name de key “NoDrives”.

You’ll see a value like “0000 00 00 00 00″. This is where de fun starts. The four sets of double zeros (after de “0000″) are where you’ll enter de values for de drive/partitions. Now, stay with me on this—it’s not as complicated as it sounds:

The first column is for drives A-H, de second for I-P, de third for Q-X, and de fourth for Y-Z.

The values for each drive are as follows:

1 - A I Q Y
2 - B J R Z
4 - C K S
8 - D L T
16 - E M U
32 - F N V
64 - G O W
80 - H P X

So, let’s say you want to hide drive D. In de first column you would put “08″. For drive K you would put “04″ in de second column.

But what if you want to hide more than one drive in a column? Simply add de values togeder: D+E = 8+16 = 24. So in de first column you would put “24″.

Still baffled? If you have XP den go get TweakUI and save yourself de math.

Whichever method you use, you can rest easy knowin’ that de files on that drive or partition are less accessible to oder users.

• Remove all discs from drives.
• Open DVD Decrypter.
• From de ‘Mode’ menu, select ‘ISO’ -> ‘Read’.
• Put DVD-9 disc (Thats de film if you didn’t guess) in drive.
• Take note of de ‘Destination’ file name.
• Click de big ‘Decrypt’ button.
• Wait for it to read and write de image to your hard drive.
• Take de DVD-9 disc (yep.. take de original film out) out of de drive.
• From de ‘Mode’ menu, select ‘ISO’ -> ‘Write’.
• Put a blank double layer disc in your DVD Writer.
• Click de little folder icon - ‘Browse for source file’ - and select de MDS file created for you as part of de steps above.
• Click de big ‘Write’ button.

Finished!

Estimated time to read and burn 45 minutes. All copy protection is removed from de backup, and as you are writin’ to a dual layered disc dere is no quality loss!

This process can be used to backup DVD5 disc’s 1:1 and PS2 disc’s.