Sometimes it takes the worst of situations to bring out the best in us.  This is what happened to me the other day.  A woman comes into the office that I work in, obviously quite distraught.  We quickly discover that she is the widow of a popular local doctor who recently passed away suddenly.  She was carrying with her a laptop and was looking for some help.

It appears that when her husband passed away, he did not leave a record of the user names and passwords for his laptop and there was a lot of information on the system that she would be needing in the near future.  She was hoping that we could help.  Of course we could.

We Hate F8! We Hate F8!

Initially, I assumed that the users would not have changed the default administrative password from blank.  So, all I needed to do was use F8 when booting, go into safe mode, then create a new account with administrative access.

Unfortunately, F8 was disabled on the system and the only way to enable it was to log into Windows.  Time to look for something else.

Linux To The Rescue…NOT

My next reaction was to try one of the Linux-based password recovery tools.  There are a number of boot CDs out there that boot a small Linux kernel and then attempt to recover the password.  After trying two different boot CDs, I quickly came to the realization that Linux was going to be of no help this time around.

It just so happens that this was no ordinary laptop.  This laptop was a Dell XPS M1730.  And, it came with dual hard drives running off a RAID array using the Intel Matrix Storage Manager.  And, it had no Linux drivers.

Ask Bart

So, how was I going to proceed?  It was obvious that there was no way to get access from a download and boot Linux CD.  Then I thought of Bart.  Since BartPE creates a self-contained bootable Windows CD, this might do the trick!

I got together the following items:

  1. A blank CDR
  2. A copy of the latest BartPE package
  3. The RAID drivers
  4. A copy of Windows XP Pro with Service Pack 1 (Sorry, you’re on your own for that one)

I installed the BartPE package to C:\pebuilder3110a on my hard drive.  Then, I extracted the drivers that I got from the Dell website and placed them in the C:\pebuilder3110a\drivers\SCSIAdapter folder in a directory called iastor. The \drivers\SCSIAdapter folder is where you can put any number of non-standard drivers that will automatically load when you boot the BartPE CD.  (For more information on adding drivers to a BartPE CD, see their Adding drivers page.)  I then proceeded to create the BartPE image and burn it to CD.

Getting the Files

The next step was to get access to the laptop.  I put my newly minted CD into the laptop and booted the machine from it.  Everything worked like a charm and on first try, too! (That almost never happens for me!)  I was able to access the files on the RAID array without any problem.

Now, I could probably have stopped here and copied the files that were needed to a USB drive or even burned them to a CD/DVD.  But, I wanted to provide full access to the system so that they would not have to keep coming back to me for help whenever they wanted to get something off the computer.  I would have to get the passwords for her.

All Your Passwords Are Belong To Us

To start the process of password recovery, I needed to get a few things:

  1. USB flash drive
  2. ophcrack password recovery software
  3. Vista password tables for ophcrack

I booted the laptop once again with the BartPE disk and made sure the USB flash drive was available to the system on boot up.

Next, I started to look through the system and I searched for two files:

  • C:\Windows\System32\config\SAM
  • C:\Windows\System32\config\SYSTEM

I copied these two files over to the flash drive, took out the flash drive and shut down the computer.

I then installed ophcrack on my other computer and installed the Vista tables.

Next, I used the Encrypted SAM option to load the files into ophcrack.  It immediately recognized all of the accounts that were on the system.  It also indicated that the Administrator account and the Guest account had blank passwords.  That means that if F8 had been available, I could have gotten into the system in Safe Mode (stupid F8).

So, I started the password recovery process and DING! 29 seconds later I had all of the passwords for the three other accounts on the system.  I tried all three and they all worked.

Looking back at the passwords now and the hints that were given in Windows for the passwords, I was on the right track to guessing them but this was a much quicker process.

Lessons Learned

Through all of this, I have learned some lessons about security, passwords, and computers:

  1. Unless you encrypt your hard drive or use some form of access other than a password (e.g., biometrics, smart card, etc.), it is relatively trivial for someone to get your passwords if they have physical access to your system
  2. Someone does not have to have physical access to your system the entire time they are trying to hack your password.  Simply grabbing a couple of files from your computer takes a couple of minutes and they can hack away at your system at their convenience
  3. In the event of your untimely passing, would your loved ones know how to get access to your computer, e-mail, Internet accounts, etc.?  If not, you may want to consider a way of getting that information to them
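
As an added example (not part of the original post), here is a PowerShell check for the two conditions this recovery depended on: a system volume that can be read from a boot CD, and enabled local accounts that need no password. It assumes a current Windows release with PowerShell 5.1 and the BitLocker module, run from an elevated prompt; the function name Test-OfflineAttackExposure is made up for this example.

```powershell
# Added example: audit for the weaknesses described in "Lessons Learned".
# Assumes Windows with PowerShell 5.1+, the BitLocker cmdlets, and an elevated prompt.
# Test-OfflineAttackExposure is a hypothetical name chosen for this example.
function Test-OfflineAttackExposure {
    $findings = @()

    # 1. Is the system volume fully encrypted with protection switched on?
    #    If not, the SAM and SYSTEM hives can be copied by anyone who boots other media.
    $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction SilentlyContinue
    if (-not $vol) {
        $findings += "BitLocker status unavailable for $env:SystemDrive (feature missing or prompt not elevated)"
    }
    elseif ($vol.VolumeStatus -ne 'FullyEncrypted' -or $vol.ProtectionStatus -ne 'On') {
        $findings += "$env:SystemDrive is readable offline: VolumeStatus=$($vol.VolumeStatus), ProtectionStatus=$($vol.ProtectionStatus)"
    }

    # 2. Enabled local accounts that may have a blank password,
    #    like the Administrator and Guest accounts in the post.
    foreach ($u in (Get-LocalUser | Where-Object { $_.Enabled })) {
        if (-not $u.PasswordRequired) {
            $findings += "Account '$($u.Name)' is enabled and does not require a password"
        }
        elseif (-not $u.PasswordLastSet) {
            $findings += "Account '$($u.Name)' is enabled and has never had a password set"
        }
    }

    return $findings
}

# Print the findings, or a single line when nothing was flagged.
$result = @(Test-OfflineAttackExposure)
if ($result.Count -eq 0) { 'No findings.' } else { $result }
```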


I just ran across this and thought that it would be helpful to everyone out there. This is a direct cut and paste from their website:

Free Windows Tools

Desktop Central provides a set of free Windows tools that Windows Administrators might require on a day-to-day basis. It has a set of ten tools, viz: Wake on LAN, GPO Update, Shutdown/Restart Tool, Software Inventory Tool, Join/Unjoin Computer Tool, Remote Task Manager Tool, Currently Logged On User, Hard Disk Space Detector Tool, Local Users/Groups List Tool, and Remote Command Prompt Tool. This is very handy as it can be performed on multiple computers simultaneously. These tools are made available from the Desktop Central family and are provided as a separate download, which is absolutely free to use.

Wake on LAN Tool

Utility to boot computers in the network (LAN) from remote. It allows the administrators to boot multiple computers simultaneously. The Administrator has to just specify the IP Address, MAC Address and the Subnet Mask of the computers to wake them up.

GPO Update Tool

Utility to perform a GPO Update in the computers of a Windows Domain. GPOs are used to send configuration instructions to user and computer objects in the Windows Active Directory. By default, the GPO updates happen periodically, every 90 minutes. This utility helps the Administrators to perform a GPO Update on-demand on multiple domain computers simultaneously.

Shutdown / Restart Tool

Utility to shutdown or restart the computers of a Windows Domain. The Administrator can specify a common credential to perform this operation on multiple computers and can select the computers by specifying the Domain Controller.

Software Inventory Tool

Utility to retrieve the details of the software installed in the computers of a Windows Domain. The Software details include Software Name, Version, Manufacturer and Usage statistics. The software details can be exported as txt and csv formats.

Join/Unjoin Computer Tool

Utility to move a computer from one domain to another or from a domain to a workgroup or from a workgroup to a domain. It also provides the ability to restart the computer after this operation. The status of the operation is also displayed at the bottom of the window.

Remote Task Manager Tool

Utility to view the processes running in a remote computer along with its details like, Process ID, Memory Usage, Session ID, Priority, etc. It also provides an option to select the parameters to view. Apart from just viewing the processes, the administrators can also terminate a process.

Currently Logged On User

Utility to retrieve the details of the users logged on to a remote computer. The Administrator can specify a common credential to perform this operation on multiple computers and can select the computers by specifying the Domain Controller.

Hard Disk Space Monitor Tool

Utility to retrieve the information about the Hard Disk like Partition/Drives, Volume Name, Total Size, Free Space, and File System. The Administrator can specify a common credential to perform this operation on multiple computers and can select the computers by specifying the Domain Controller. The results can be exported to a CSV or Text format for a later reference.

Local Users/Groups Tool

Tool to get the information about local users and groups in the remote computers. The user details include, Computer Name, User Name, Full Name, Caption, Status, etc. The group details include, Computer Name, Group Name, Caption, Description, and Status. The Administrator can specify a common credential to perform this operation on multiple computers and can select the computers by specifying the Domain Controller. The results can be exported to a CSV or Text format for a later reference.

Remote Command Prompt Tool

Free tool to open a command prompt of a remote computer and execute a command. The remote computer can be in the domain or a workgroup. The administrator has to specify a credential that has necessary privileges to execute the commands. The computer can be either specified manually or selected by specifying the Domain Controller.


People will often ask me why I use two different products for remotely accessing computers. My response is simple.  It all depends on whether I am performing remote control or remote support functions.

I use remote control when I am in complete control over a computer.  For example, I remote control my home computers from work.  In general, there is usually nobody around who can do things for me at the other computer so I need to make sure that I can do whatever I need from the other side.  My preferred remote control product is LogMeIn since it allows me to remotely access my system from anywhere, regardless of who is on the other computer.

Remote support, on the other hand, is something I usually perform on a computer that is controlled by someone else and that other person is available to help.  I usually use remote support when I am helping someone fix their computer or when they want me to show them how to do something on their system.  I generally will use CrossLoop for remote support of computer systems.  It keeps the computer owner in control and gives them the security of knowing that I cannot just connect in to their system whenever I want but it allows them to give me access when they need help.


Windows has had a search option for a very long time. The problem that I have with it is two-fold:

  1. It is slow
  2. The indexer is a real resource hog

So, a long time ago, I learned how to index all of the files on my computer in a way that provides me with accurate results in a fraction of the time. And, the index is completely portable so I can keep a copy of the index on my USB drive so that I can tell my wife exactly where that file is on my computer at home that I need at work.

How exactly is this done? Read on.

Create the Index

The index is really nothing more than a text file listing every single file that is on your computer’s hard drive. To create the index, simply go to a command prompt and type the following:

dir c:\ /s /b>>fileindex.txt

Wait for a couple of seconds and it will be done. If you want to add more hard drives to the index, simply retype the command and change the c: drive letter in the command to the other drive letter you want to index.

Search the Index

The next step is to search the file index for a file you are looking for. Let’s say you are looking for a file with the word “accounting” in it. You would use the following command to get a list of all the files with the word “accounting” in them:

find "accounting" fileindex.txt

You will instantly get the results. No waiting!

Updating the Index

Since it is so quick and easy to build the index, to update the index all you need to do is delete the fileindex.txt file and recreate the index just like you did earlier.

Suggestions

To simplify the process, you may want to create a couple of batch files. For example, you could create a batch file called MakeIndex.bat that would delete the fileindex.txt file and then rebuild it with information from all of your hard drives. This file may look something like this:

@echo off
del fileindex.txt
dir c:\ /s /b>>fileindex.txt
dir d:\ /s /b>>fileindex.txt

You could also create a file called WhereIs.bat that will find your files easier for you. It might look something like this:

@echo off
find %1 fileindex.txt

Now, all you would have to type is:

WhereIs "accounting"

This will give you the same results!


There are several situations where it would be to your benefit to listen to a WAV file rather than read a text file.

  • When you are driving home.
  • Someone who is visually impaired.
  • You do not want the contents of a text file edited.

So, I started looking into how difficult it would be to create such a program. As it turns out, not very difficult.

I used AutoIT to create a simple executable that lets you either double click on the program and select a text file or drop a text file right on it. It will then automatically create a WAV file with the same name in the same folder as your original file.

You can download the MakeWAV application for free.

Also, if you are interested, here is the source code that you can copy and compile to make your own application. It’s open source so have fun!

#NoTrayIcon

Opt("MustDeclareVars", 1)
Dim $strTXTFile ;Name of the text file to convert to a WAV
Dim $strWAVFile ;Name of the WAV file to create
Dim $strTextData ;Text information to convert to a WAV file

;Use the file dropped on the program, otherwise ask for one
If $CmdLine[0] > 0 Then
    $strTXTFile = $CmdLine[1]
Else
    $strTXTFile = FileOpenDialog("Select Text File...", @MyDocumentsDir, "All (*.*)|Text files (*.txt;*.csv;*.log;*.msg;*.asc)", 1)
EndIf

If Not FileExists($strTXTFile) Then Exit

;Swap the last three characters of the name (the extension) for "wav"
$strWAVFile = StringLeft($strTXTFile, StringLen($strTXTFile) - 3) & "wav"
$strTextData = FileRead($strTXTFile)
SplashTextOn("", "Creating WAV file. Please be patient.", 275, 20, -1, -1, 1)
_MakeWAV($strTextData, $strWAVFile)

Func _MakeWAV($strSentence, $strFileName)
    Dim $oVoice ;SAPI voice object
    Dim $oFilestream ;SAPI file stream object
    $oVoice = ObjCreate("SAPI.SpVoice")
    $oFilestream = ObjCreate("SAPI.SpFileStream")
    $oFilestream.Open($strFileName, 3, False) ;3 = create the file for writing
    $oVoice.AudioOutputStream = $oFilestream ;Send the speech to the file instead of the speakers
    $oVoice.Speak($strSentence)
    $oFilestream.Close
    $oFilestream = 0
    $oVoice = 0
EndFunc ;==>_MakeWAV
