xp passwords

hi. I'm Jason. I'm new here and I am asking for help everywhere so if you have an answer to my problem then please e-mail me as I will probably forget to check back here.

ok so my dad wanted to change the administrator password on his computer. he didn't know that XP had a built in control panel applet to do that so his IT guy at work gave him some unix code to change it. the only problem is that XP has 128 bit encryption and NT doesn't. also NT is based on a 16-bit design and XP is 32. so when he applied the new password, the computer crashed. we can't get it to boot anymore. we did a non-destructive system-restore from HP and now windows says that it recieved an illegal instruction from lsass.exe. I have taken teh hard drive out and put it into my computer and I used a program called cain and abel to try to crack the administrator password because we can't log into the recorevy console on an XP startup disk. it's weird because teh administrator account doesn't have any hashes to crack, but when you just hit enter in teh recovery console, nothing happens! it says that was the wrong password. PLEASE E-MAIL BACK!!!!!! Jwborc39963@yahoo.com. this is my family's business computer and if we don't get this fixed, we could lose a lot! we need ot keep the ifles and programs on the computer because they are business related. PLEASE E-MAIL ME BACK!!!!

thanks,
Jason

erm....how the hell can unix code affect windows xp, they are completely diffrent operating systems.... :rolleyes:

erm....how the hell can unix code affect windows xp, they are completely diffrent operating systems.... :rolleyes:

uhhhh, a boot disk! you can boot from linux you know...

If you've put the hard drive into your computer, does it not let you copy your files so you can backup the files you need and then reinstall everything from scratch?

If The lsass.exe (Local Security Authority) process is blowing up after a system restore to a point where the SAM was before it was blown up with the bootdisk then the problems with lsass must be unrelated to whatever happened when the bootdisk was run, which is usually the SAM since that's where you're writing the new hashes to. There is a vulnerability in the lsass.exe process; my thought is that when you restored the system it was restored back to a point where this patch had not been installed yet. Just a theory...so test it out. Disconnect your internet connection and go into the Control Panel then Add/Remove Programs and see if "Windows XP Hotfix (KB835732)" is installed. If that's all it is then download the patch from MS on a floppy and go over and install it on the problem machine:

http://www.microsoft.com/downloads/details.aspx?FamilyID=3549EA9E-DA3F-43B9-A4F1-AF243B6168F3&displaylang=en

You probably blew up the SAM (Security Accounts Manager) when you mounted it with the Linux boot disk, it's the chance you take with those bootdisks. At one point I was appointed "Almighty Hackerish Puba" at my company because I was the only one in the IT department who didn't cringe at the mention of anything related to Linux or any other non-MS operating system...I had been messing around with the Offline NT password bootdisk and we had all these machines that nobody knew the Admin pw for so I was given "carte blanche" go around hacking up machines all day long with that bootdisk...it was pretty common to blow up the OS in some fashion when using that utility, I don't think XP is exempt to the bootdisk's capabilities or it's imperfections - you simply run a risk when you mess around with the SAM.