Sunday, December 16, 2012

Find Microsoft Windows Files with Linux

The rainbow tables were unable to crack the password of the account with administrator access, though it did crack password for a non-administrator account.  The next approach, which will always work, is to boot the machine from another operating system that can mount the ntfs file system.  Then read every file.

Download Knoppix Live-CD and and create a bootable CD.

Turn on the PC and bring up the boot order menu.  This could be a press of the <esc> key or a function key.  Refer to your machine manual for the proper key press.

In a later step, an sftp server is useful.  If you need an sftp server for MS Windows, try Xlight FTP Server.

Allow Knoppix to boot into the windowing environment.
Mount the Windows filesystem.  Open File Manager (lower left corner) and click to "/media/sd2/Windows".

Open Terminal emulator (lower left corner).
cd /media/sda2/Windows
mkdir test
cd test

The following find will show errors when it finds the file it just copied.  Ignore those errors or send to /dev/null.  If desired, add lines for additional file name extensions.
find /media/sda2/Windows -name \*.bmp -exec cp '{}' . \;
find /media/sda2/Windows -name \*.jpg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.jpeg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.pic -exec cp '{}' . \;
find /media/sda2/Windows -name \*.pict -exec cp '{}' . \;
find /media/sda2/Windows -name \*.png -exec cp '{}' . \;
find /media/sda2/Windows -name \*.psp -exec cp '{}' . \;
find /media/sda2/Windows -name \*.tif -exec cp '{}' . \;
find /media/sda2/Windows -name \*.tiff -exec cp '{}' . \;

find /media/sda2/Windows -name \*.avi -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mov -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mp4 -exec cp '{}' . \;
find /media/sda2/Windows -name \*.mpg -exec cp '{}' . \;
find /media/sda2/Windows -name \*.vob -exec cp '{}' . \;
find /media/sda2/Windows -name \*.wmv -exec cp '{}' . \;


Create compressed file.
zip imgfiles *
ls -l imgfiles.zip

Transfer the file to another machine.  
Use the network if hardwired or wireless is configured.  Midnight Commander, a GUI ftp, is available on Knoppix.  Or use sftp.
mc
sftp <ipnumber>

Wednesday, December 12, 2012

Recover Windows Vista Password

A friend had two laptops from his son (who died).  He didn't know the passwords and wants to retrieve the photos on the laptops.

Download the free Ophcrack live CD and burn it with ISO Recorder.  ISO Recorder can be found by right-clicking the file iso file to burn:

Boot the Ophcrack CD and let it run.  It can quickly use rainbow tables, those this won't break every possible password.  Brute force is needed to break every possible password.  If it doesn't find a password, make sure all of the tables are installed.




Sunday, December 09, 2012

Microsoft Windows 8 Upgrade

A desktop 4 core PC has Windows Vista (virus) so it suffers from frequent hangs for no apparent reason.  No amount of patching and disabling services has cured it.

Microsoft Windows 8 upgrade is currently offered at $39.99, including Media Center upgrade to play DVDs.  The upgrade was surprisingly pleasant.  As promised, data files were saved and everything else was removed during the clean install.  After the install, don't forget to request the Media Center upgrade key.


Screen shots of the Windows 8 upgrade process.

Checking compatibility


Price and license agreement


Choose to create media or download on the fly

Choice to keep personal files and settings

Install


Personalize color scheme

 Express settings, or not

Sign in means to sign in to web account.  Downloading apps through web store will require this account.

Installation complete

Begin re-installing applications and customizing.