Registry Values

  • Thread starter Thread starter neeleshb
  • Start date Start date
N

neeleshb

Hi
I need to check if passwords have been set for Administrator and user
accounts in the registry.
Please could someone assist me in finding the string and exact
value(s) in the registry.
 
neeleshb said:
Hi
I need to check if passwords have been set for Administrator and user
accounts in the registry.
Please could someone assist me in finding the string and exact
value(s) in the registry.
Click to expand...

Passwords are "hashed", which means you cannot find out
from the registry what they are. However, you can try to
log on under these accounts with blank passwords.
Alternatively you could start a child process, using "runas.exe",
again with a blank password.
 
Passwords are "hashed", which means you cannot find out
from the registry what they are. However, you can try to
log on under these accounts with blank passwords.
Alternatively you could start a child process, using "runas.exe",
again with a blank password.
Click to expand...

Hi
Thanx for the help, but unfortunately i need to find out specifically
from the registry if user accounts have passwords set.
The reason being, i need to write a script to find this information on
3200 windows xp machines and populate it in a report for auditing
purposes.
 
neeleshb said:
Hi
Thanx for the help, but unfortunately i need to find out specifically
from the registry if user accounts have passwords set.
The reason being, i need to write a script to find this information on
3200 windows xp machines and populate it in a report for auditing
purposes.
Click to expand...

This is getting a little confusing. Are you saying that you have
3200 machines and that each of them has a number of
local accounts and that you need to check each local account
on your 3200 machines? What about central account
administration, e.g. in a Windows domain? That's where you
set the rules for password complexity!
 
This is getting a little confusing. Are you saying that you have
3200 machines and that each of them has a number of
local accounts and that you need to check each local account
on your 3200 machines? What about central account
administration, e.g. in a Windows domain? That's where you
set the rules for password complexity!- Hide quoted text -

- Show quoted text -
Click to expand...

Each pc belongs to a work group. so there is the catch.
I need to report to the auditors that each machine infact has a
password set.
I am usind a system called landesk to do inventory. I need to find the
value in the registry to say a password is set. I dont need the
password. If i have the string, then i can use landesk to draw a
report for each machine.
 
neeleshb said:
Each pc belongs to a work group. so there is the catch.
I need to report to the auditors that each machine infact has a
password set.
I am usind a system called landesk to do inventory. I need to find the
value in the registry to say a password is set. I dont need the
password. If i have the string, then i can use landesk to draw a
report for each machine.
Click to expand...

You should not ask if a password is "set" - the question is
really if the password is a blank or not. There are some tools
that let you extract hashed passwords, e.g. pwdump.exe,
pwdump2.exe or samdump.exe. I do not know if they will
run under Windows or if they require a reboot with a Linux-
style boot disk.

The alternative is, of course, to access each machine from
a central machine like so:

psexec \\PC401 -u administrator -p "" cmd /c dir c:\

You will find that the error message for this command is different
if a password is blank than if it is incorrect.

You can download psexec.exe from www.sysinternals.com.
 
Back
Top