Hail is an odd thing, or at least it is in Monterey. The last thing you expect to be doing is sitting outside in the cold, feeling it warm up slightly, and then ZING! Hailstone to the skull! I sat there for a moment wondering if it was a rock. I tried to finish out my message in AIM to Cyn about OP soundtracks. ZING! My hand was stinging and I almost dropped Wizard (my pocket pc) onto the unforgiving concrete. I quickly tucked it away and made for shelter. I had been there for maybe a minute when the upstairs department called "sky" decided to bless us all with rocks of frozen rain. From the safety of the doorway I saw people in the main quad running for shelter as ice pelted them, and tried not to laugh. A few people slipped on the grass in the middle of the hailstorm; I laughed a bit more. I then remembered the throbbing in my hand from a single one of those shards of ice. Okay, yes, I still laughed, shut up. I would fully expect all of you to laugh at me if I ever fell flat on my ass in the middle of a torrent of ice falling from the skies above. This also seems to sum up the last 24 hours or so for me: little stinging incidents followed by amusing related moments or other assorted things that made me smile.
I got to bed a bit early last night, mostly because I was having a hard time sleeping lately and figured I would get a jump on the night hours' struggle. This plan worked a bit too well and I was up well before my AM class. Since I had some time, I decided to give the whole DCC thing another go. I got a few episodes, some MP3s, and even got my file server working. For having not touched DCC in the longest time, I was quite happy with myself. I remembered why IRC was the most common form of distribution as well. No need for file servers, you can control your own rules, you don't have any costs involved, and you don't have to do any of the work. This also works a lot better than BitTorrent for older episodes, even though there were only a few people serving them. Of course, the other thing I had going for me was most of my experimentation was done on campus computers, where a simple reboot erased all evidence of me ever doing anything.
Let me take a moment here to explain. All campus computers are equipped with a program called DeepFreeze. What this program does is provide a fake image of the hard drive, which is simply destroyed and recreated when the computer resets. It seems to do this by pushing the accessed files into memory, and it also doesn't discriminate about which files are being reset. This is great for basic things. However, this also means all security-related logs are reset every time the machine is rebooted. You can hack on these boxes all you want, and when it resets, all is well again. Unless you boot from floppy. Yes, you heard me right, and those of you who are computer nerds know the dangers of booting from floppy. So, here is the nifty theory I developed:
1- Boot into Linux from a floppy. This is so easy to do, but I should explain it here. The Linux operating system needs very little to start, much in the same way that DOS needs very little to start. Once you start the Linux boot, you only need a few other things.
2- NTFS Loader. In order to use the drives formatted in Windows 2000, you need special drivers. This is because Windows 2000/XP use their own format for the drive. There is a free NTFS loader for both DOS and Linux, but for this (since we are in Linux) we need the Linux one. Loaded and done.
3- Mount NTFS volume. In Linux, we need to mount the drive so we can access it. Get your mind out of the gutter, let's move on.
4- Create a ramdrive. Another Linux utility that lets you create a "fake hard drive" in memory and mount it. We need somewhere safe to keep the files we are working on.
5- Copy SAM, SECURITY, and SYSTEM from %systemroot%/system32/config to the ramdrive. Yes, you read that right. What that really means is that the Windows 2000/XP passwords are sitting right there on the HD, begging to be worked over. I won't go into the details about things like SYSKEY, you just want all three files.
6- chntpw. The second to last piece. You can change any NT password using this. It will manipulate the files on your ramdrive with a nice and pretty interface (as far as text goes). If you want to know more about the SAM file and NT's hashing, lots of places on the Internet have info.
7- Write SAM back to the drive. Technically, after this you unmount the drives and then reboot, but if you are actually this far, then I don't need to explain this.
You should get around DeepFreeze, since it is loaded from the HD, and then when Windows kicks in, you have your new passwords. I haven't tried this yet since HH has promised me a machine to test this on, but I look forward to breaking it as proof of concept. I even have the boot disk made. Hell, I am certain someone has already made an image that does the above. (Update: Someone has already.)
Who's feeling nerdy? Yeah, that's right.
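A defensive counterpart to the steps above, added here as an example and not part of the original post: assuming a frozen machine's on-disk SAM, SECURITY and SYSTEM hives are meant to stay byte-identical between reboots, hashing them from a trusted maintenance environment and comparing against a baseline reveals an offline edit. The function names and the sample file contents are hypothetical and constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path

HIVES = ("SAM", "SECURITY", "SYSTEM")  # the three files named in step 5


def find_hive(config_dir: Path, name: str):
    """Locate a hive case-insensitively (names on the volume may differ in case)."""
    for entry in config_dir.iterdir():
        if entry.is_file() and entry.name.upper() == name:
            return entry
    return None


def hash_hives(config_dir: Path) -> dict:
    """Return {hive name: SHA-256 hex digest, or None if the file is missing}."""
    result = {}
    for name in HIVES:
        path = find_hive(config_dir, name)
        if path is None:
            result[name] = None
            continue
        digest = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                digest.update(chunk)
        result[name] = digest.hexdigest()
    return result


def drift(baseline: dict, current: dict) -> list:
    """Names of hives whose digest differs from the baseline or that vanished."""
    return [n for n in HIVES if baseline.get(n) != current.get(n)]


def demo() -> list:
    """Constructed sample: fake hive bytes in a temp dir, then SAM is altered."""
    with tempfile.TemporaryDirectory() as tmp:
        cfg = Path(tmp)
        for name in HIVES:
            (cfg / name.lower()).write_bytes(b"constructed " + name.encode())
        baseline = hash_hives(cfg)  # assumed to be taken when the image is frozen
        (cfg / "sam").write_bytes(b"constructed SAM, modified offline")
        return drift(baseline, hash_hives(cfg))


if __name__ == "__main__":
    print("changed hives:", demo())
```

The baseline only has value if it is stored somewhere the booted machine cannot rewrite, and the check complements, rather than replaces, a firmware password and disabling boot from removable media.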
In response to "Aw Hail No":
it is a good day to try it now