EEVblog Electronics Community Forum
Products => Test Equipment => Topic started by: EIKA on December 16, 2020, 09:23:25 pm
-
Hi all!
Looking for Rohde & Schwarz AMI BIOS 2.01.1204 Password. Default ones doesn't work.
-
Also looking for Windows XP password from 'instrument' account (local admin).
-
Windows XP passwords can be 'cracked' pretty easily nowadays using software like Ophcrack, you can either run that on the device or recover the SAM file and do it on a powerful computer but even on an older scope, the cracking shouldn't take more than an hour or two and you'll have the original password.
Not sure about the AMI bios one though, may be a bit harder.
-
Thanks for your reply. But sadly SAM file cannot be copied with no admin rights. PC cannot be loaded from Live CD with no BIOS password.
-
Can you not remove the HDD and access it in another PC?
Or boot from an external drive? Many PC systems will automatically boot from a USB or other drive, if the main drive is unavailable - you can disconnect it during boot if it is SATA type and reconnect it later as most SATA controllers support hot-swapping. This is not necessarily the case for IDE. But in any case if the drive is disconnected, the system should boot from the next available device, unless that capability is disabled.
-
isn't that old enough that you can nuke it by removing the battery?
-
is it the bios password or an windows admin session password these are different
-
Windows XP passwords can be 'cracked' pretty easily nowadays using software like Ophcrack, you can either run that on the device or recover the SAM file and do it on a powerful computer but even on an older scope, the cracking shouldn't take more than an hour or two and you'll have the original password.
Not sure about the AMI bios one though, may be a bit harder.
tom66,
Thanks for idea. Copied SAM and SYSTEM files and started hash calculations with 72 CPUs totally. Already found instrument's PW, but now want to get Adminstrator's one. After 2,5 days I will have a results of checking all the PW shorter than 8 symbols and containing all possible combinations of all ASCII symbols.
Will try BIOS PW finder then, like CMOSPwd 5.0. Not sure that it will work, but I will try.
2 ALL who suggestes to access HDD directly. Guys, I full understand your idea, and it's pretty obvious and clear. But I don't want to open the device for now, because it's sealed with R&S self-destructive sticker. So I want to work our everything without opening the device.
-
Well sometimes you have to open the device to recover the sam file and work on another system with a copy of it and use cracking software to do the job, yo do know windows once booted or even locked will protect the file
Or you could inject another admin account to recover the busted / locked one, Konboot in the past helped me to bypass login, but you need to boot on it ? usb or cd-dvd, i was able to recover a locked admin account on a server.
-
There's a few ways to escalate privileges and change an XP password.
1. Reboot into safe mode command prompt then you can use the "net" command to reset an account password.
2. Boot it from an XP CD or flash drive, select repair, select XP installation to repair and then advanced options, command prompt then use option 1
3. Boot as above and create a new Administrator account, reboot, login and reset the account password through the GUI
4. Boot to an offline password cracker and let it run.
BIOS password shouldn't be difficult to recover or reset, there are bootable BIOS password reset/cracker tools.
-
There's a few ways to escalate privileges and change an XP password.
1. Reboot into safe mode command prompt then you can use the "net" command to reset an account password.
2. Boot it from an XP CD or flash drive, select repair, select XP installation to repair and then advanced options, command prompt then use option 1
3. Boot as above and create a new Administrator account, reboot, login and reset the account password through the GUI
4. Boot to an offline password cracker and let it run.
BIOS password shouldn't be difficult to recover or reset, there are bootable BIOS password reset/cracker tools.
Thank you for your info, but as stated above, I already brute-forced password for the one of logins. So I know method #4.
Also, as follows my statement, I cannot select boot device (due to BIOS password protection). And methods 2 & 3 aren't applicable in my case.
-
you know now what option you have, remove the drive and brute force the password simple as that
sorry
If the other choices aren't possible, you're stuck with this one
-
coromonadalix
Damn! I was told TWICE, password has already been brute-forced.
Why you hate to read before answering???
-
eh sorry i'm not native english
Well now you have a login okay i follow, and yes you dont want to open your R&S thingy, but you ask us infos, and we give you suggestions the best we can.
Use any system info softwares like gpu-z try to find the bios maker and a bios file for your R&S, and you may find some windows bios flashing tools with options to reset the bios pw while flashing it.
I dont hate to read by the way, i may be slow loll
have you contacted R&S ? you haven't told us ... in first thread / post ....
-
BIOS is AMI BIOS 2.01.1204. Or, by another versioning scheme, 4.6.4 from 03/08/2012.
And sadly cmospwd-5.0 fails with this BIOS |O
-
I have BIOS ASCII and binary dumps. What's the next step? How to recover PW from it?
-
I am in BIOS. But it offers User level access only. I was able to get there just by pressing ENTER. But I need to get to the Admin level.
-
I have BIOS ASCII and binary dumps. What's the next step? How to recover PW from it?
Show us the dump.
-
Sure. Here is the dump in 2 formats: https://mega.nz/file/AtQQ3LTD#IylWmfR7HG7JHxJiZFgRkh4B7EizzuD9tg5dAUaStHc