Tuesday, September 23, 2008

Locked yourself out of Vista?

During some computer hardening work I managed to lock myself out of the system completely. Unfortunately it is a standalone system, so re-applying a domain GPO was not possible. The restrictive firewall settings and sharing configuration also did not allow me to use any of the leet tricks like psexec, remote registry, etc.

Because I still had physical access to the system, I tried to delete the .pol file on the system at c:\Windows\System32\GroupPolicyUsers\

So I was still locked out and was trying every trick I know... until I came upon this one:

1) Download the chntpw ISO at http://home.eunet.no/pnordahl/ntpasswd/bootdisk.html
2) Boot the system from it and use the registry editor to go to the SYSTEM hive
3) Cd into the Setup key
4) Edit the CmdLine value to cmd.exe
5) Edit the SetupType value to 2
6) Reboot and you will get a DOS box (command prompt)
7) Start mmc or gpedit.msc
8) Type Exit.

Coooool....

Thanks to the original idea poster over here: http://forums.techarena.in/windows-security/678964.htm
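
The same two values can be audited from the defender's side. The following is an added example, not part of the original post: a read-only PowerShell check of the CmdLine and SetupType values under HKLM\SYSTEM\Setup that the steps above edit offline. The function name `Test-SetupKey` is hypothetical, and the check assumes that an installed system at rest has SetupType set to 0.

```powershell
# Added example (not from the original post): flag a Setup key that will
# launch a program before logon at the next boot.
# Assumption: on an installed system at rest SetupType is 0; any other value
# means the CmdLine value is executed during boot.

function Test-SetupKey {
    param(
        # Object or hashtable exposing CmdLine and SetupType
        # (hypothetical helper; takes values as input so it can be fed samples)
        [Parameter(Mandatory)] $Values
    )
    $setupType = [int]$Values.SetupType      # missing value casts to 0
    $cmdLine   = [string]$Values.CmdLine     # missing value casts to ''

    if ($setupType -ne 0) {
        "SetupType is $setupType (expected 0); CmdLine '$cmdLine' runs at next boot"
        # A shell or console host here is the pattern the post describes
        if ($cmdLine -match '\b(cmd|powershell|mmc)(\.exe)?\b') {
            "CmdLine starts an interactive tool before logon: '$cmdLine'"
        }
    }
}

# Constructed sample: the state left by the CmdLine and SetupType edits above
$sample = @{ CmdLine = 'cmd.exe'; SetupType = 2 }
@(Test-SetupKey -Values $sample) | ForEach-Object { "SAMPLE: $_" }

# Live, read-only check of the running system
if (Test-Path 'HKLM:\SYSTEM\Setup') {
    $live = Get-ItemProperty -Path 'HKLM:\SYSTEM\Setup'
    $hits = @(Test-SetupKey -Values $live)
    if ($hits.Count -eq 0) {
        'HKLM\SYSTEM\Setup: no findings'
    } else {
        $hits | ForEach-Object { "LIVE: $_" }
    }
}
```

Because the edit is made offline from boot media, this check only shows the state of the hive at the time it runs; it does not prevent the change.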