Service Forum

[Overwhelmed]

Hello,

I have a T60 and I am not even sure what locks I have on. Like the title says, I am gonna need lots of help so I want to thank everyone first for their contribution, patience and assistance.

I have been doing some reading but there are many terms that are alien to me....i don't know what epprom is, i don't know what atmel is.... so basically i am a total and COMPLETE noobie.

I can access the bios so i don't think there is a bios lock and i can get to the windows logon screen but that is it.

How do I check which locks I have and don't have?? Basically, at the end of the day, I would like to have it ALL unlocked....( i don't know how to solder either - so i would like to avoid if possible)

Thanks,

Overwhelmed
_________________
lost, dazed & confused

[victor]

Hi,

I think your laptop is not locked. If you can enter BIOS and YOU CAN MODIFY AND SAVE THE SETTINGS, your laptop is not locked.
The HDD is not locked either.

The only problem you have is the WINDOWS logon password. This is very easy to override using a small linux script. You have to make a bootable disk and boot the script, it's free and accurate:

http://home.eunet.no/pnordahl/ntpasswd/bootdisk.html

Good luck!
_________________
Victor Voinea
ALLservice HQ, Romania.

[Overwhelmed]

i burned the disc and i loaded the disc (this took quite a long while actually) and i am following the instructions on the page and it is supposed to look like this:

=========================================================
. Step ONE: Select disk where the Windows installation is
=========================================================
Disks:
Disk /dev/ide/host0/bus0/target0/lun0/disc: 2147 MB, 2147483648 bytes
NT partitions found:
1 : /dev/ide/host0/bus0/target0/lun0/part1 2043MB Boot

Please select partition by number or
a = show all partitions, d = automatically load new disk drivers
m = manually load new disk drivers
l = relist NTFS/FAT partitions, q = quit
Select: [1]


but mine looked like this:

=========================================================
. Step ONE: Select disk where the Windows installation is
=========================================================
Disks:
NT partitions found:

Please select partition by number or
a = show all partitions, d = automatically load new disk drivers
m = manually load new disk drivers
l = relist NTFS/FAT partitions, q = quit
Select: [1]

which leads me to believe that the HDD may be locked - please correct me if i am wrong - and if this is indeed the case then, how would i proceed to unlock the HDD? or would it be easier to simply replace the HDD??

Thanks in advance,

Overwhelmed.
_________________
lost, dazed & confused

[bob]

Hi,

You said you can boot to windows logon screen, then is clear that your drive is not locked!
It is possible that the disk content to be encrypted, in this case you can do a quick test:
Press Thinkvantage button at POST time, and go into the service menu. (BTW if you can enter Rescue and Recovery, the HDD is not locked).
Here are some options you can choose, one of them is to restore the laptop to the manufacturer status, etc.

Another quick way is to boot from a Windows PE CD or a Knopix CD and browse the content of the HDD.

[Overwhelmed]

i tried loginrecovery and the result was the password was encrypted....

if i do the knoppix cd - what purpose would browsing the hdd be?? any other suggestions??

i got into the system with the knoppix cd....but it is all german!?!?! am i able to get the password or reset it somehow through knoppix??
_________________
lost, dazed & confused

[bob]

The purpose it to find out if your HD is encrypted or not. If you see the volumes and files there, then is not encrypted.

The Windows logon password must be wiped out. If you use the linux script that Victor told you before, just select the administator account and wipe out the password. Then reboot, press CTRL-ALT-DEL twice, enter administator acount and modify what you want in your laptop.
You could try to see if the administator password is blank anyway, before anything else.

[Overwhelmed]

i tried the linux script as noted before and i was simply going in circles.... but i have found this:

http://en.wikibooks.org/wiki/Reverse_Engineering/Cracking_Windows_XP_Passwords

and it appears quite promising!! but my only problem is finding out how to go from this:

Administrator:500:D4,A0,32,6E,9F,81,EF,F9,9D,7E,A7,88,09,89,E8,D8,C2:
_6D,42,3B,34,A1,B1,5C,E9,76,96,1E,E5,E0,C4,14,CF,XX:::

(You can see that the first comma-delimited field contains two hex digits instead of a 0, and it says "XX" at the end.)

You need to first subtract the hex value in the first comma-delimited field (here D4) from each of the other hex values in the hash, truncated to a byte (i.e. mod 256). So for example, for the first byte, A0 − D4 = CC.

Continue subtracting D4 from all the other bytes, and you get back the earlier format

to this:

Administrator:500:0,CC,5E,9A,CB,AD,1B,25,C9,AA,D3,B4,35,B5,14,04,EE:
_99,6E,67,60,CD,DD,88,15,A2,C2,4A,11,0C,F0,40,FB,XX:::

can anyone provide any assistance on "truncating hex values"

my hash is:

wkstn2001:500:2C,78,F0,80,04,1E,EA,EF,2A,13,65,E1,81,64,62,53,2E:_DE,FB,50,C7,0D,39,F2,35,42,61,CD,EE,8A,CF,0A,BA,XX:::

Administrator:1007:FC,EP,4F,79,55,DD,A3,65,8E,23,65,E3,FF,D7,7A,3A,97:_D5,AE,D8,5D,F5,D2,F1,B4,A8,87,3C,63,3D,32,99,D3,XX:::

thanks in advance
_________________
lost, dazed & confused

[victor]

The linux script works like a charm, just select to wipe the admin.
Anyway, seems like you like the hard way. I made the calculation for you.

For "wkstn2001" account, the final LM hash is 4CC454D8F2BEC3FEE739B55538362702:B2CF249BE10DC609D635A1C25EA3DE8E

BTW the admin account has an error, the second hex value is wrong- EP.

The decoding server is offline on that website. But you can use a telnet client ot connect to lmhdb.org (port 2501). or better download the direct client from here:
http://www.awarenetwork.org/home/rattle/projects/hcc/hcc.exe

Paste the hash and you will see the password is "F3TU8AYVB".
Sincerelly seems too strong to be good, so I hope I didn't do any mistake
_________________
Victor Voinea
ALLservice HQ, Romania.