Walker News

How To Prevent TRK Crack Windows 7 Administrator Account?

While the Trinity Rescue Kit (TRK) is a useful tool for a computer that cannot boot up normally, this customized Linux distribution can also be one of the most dangerous tools in the hands of black hat hackers. As the Chinese idiom says: “water can carry a boat as well as sink it (水能载舟亦能覆舟)”.

To show you how this useful toolkit can turn bad, and how you can prevent the bad guys from breaking into Microsoft's latest Windows 7 system, I share what I have tested just now, for education purposes only.

Remember, everything in Linux is case-sensitive, and so is TRK:

1) Boot up the Windows 7 computer from the TRK bootable CD/DVD-ROM or USB flash drive.

2) Run winpass -u Administrator, or replace “Administrator” with any other Windows user account in the Administrators group (for example, winpass -u Walker).

3) Select the discovered Windows installation from the list and then choose Option 1 to reset the said Windows account password to blank / empty.

4) If the password is cleared successfully, you should notice that TRK automatically creates a backup copy of the SAM file as SAM.trk. Take note of the Windows OS hard disk drive device file in TRK (in my screenshot, it is hda2).

How could TRK crack Windows 7 administrator account password?

5) Reboot into Windows 7. You should be able to log in automatically with the user account specified to the winpass shell script executed in step 2.

6) Reboot into Trinity Rescue Kit. Type mountallfs -g to mount the Windows 7 NTFS file system in read-write mode:

TRK mounts the Windows 7 NTFS file system in read-write mode.

7) With reference to the SAM file path in step 4, change directory to that folder. Execute mv SAM.trk SAM to replace the SAM file with the backup copy (the original SAM file from before you reset the said account password to blank / empty). By doing so, TRK effectively reverts the Windows account password from empty / blank to its original state.

Use TRK to replace the Windows 7 SAM file with the backup copy in order to revert the blank password to its original state.

As you can imagine now, it is dangerous to leave a vanilla Windows 7 machine in a public area where anyone can easily get physical access to it.

The bad guy who uses TRK could easily gain access to Windows 7 with a blank password, do whatever is needed to leave a backdoor, and then hand it back to you looking intact. I would say you won't easily notice they have done this, as you can still log in with a darn complicated password that you think would take decades to break. In actual fact, however, they can gain access in no time, because they do not crack the complicated password at all; they simply reset it and then revert it.

So, how do you prevent TRK from cracking the Windows 7 admin password?

1) Use BitLocker Drive Encryption to secure both the operating system and data drives. While I have not read much about Windows 7 BitLocker, I am somewhat convinced of its encryption capabilities to safeguard Windows 7 from truly unauthorized system access.

Turn on BitLocker Drive Encryption to prevent bad guys from hacking the vulnerable, vanilla Windows 7 machine.
BitLocker is not available in all Windows 7 editions. BitLocker Drive Encryption is only available on a computer running Windows 7 Enterprise, Windows 7 Ultimate, or Windows Server 2008 R2.

2) Configure the BIOS to prompt for a password before booting Windows 7. This is not a good idea either, as there are many toolkits out there for resetting BIOS passwords.

3) Keep an eye on the Windows Security log in Event Viewer, to spot whoever logs in to your Windows account without your consent.
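To make point 3 concrete, here is an added example (my own code, not part of TRK or the original post) that scans a CSV export of the Security log for interactive logons (Event ID 4624, logon types 2, 10 and 11) to administrator accounts outside the hours you were at the machine, and that checks the SAM directory listing for a leftover SAM.trk backup from step 4. The CSV columns, the 8:00 to 19:00 "present" window and the account names are assumptions for the sample.

```python
import csv
import io
from datetime import datetime

# Constructed sample: a CSV export of the Security log, reduced to the 4624
# fields that matter here (column names are an assumption of this example).
SAMPLE_CSV = """TimeCreated,EventID,TargetUserName,LogonType
2017-03-01 08:55:12,4624,Walker,2
2017-03-01 12:10:03,4624,SYSTEM,5
2017-03-01 23:41:37,4624,Administrator,2
2017-03-02 02:15:09,4624,Walker,2
2017-03-02 09:02:44,4624,Walker,2
"""

# Logon types that mean someone sat at the console or opened an RDP session:
# 2 = Interactive, 10 = RemoteInteractive, 11 = CachedInteractive.
INTERACTIVE_LOGON_TYPES = {2, 10, 11}

# Accounts assumed to be in the Administrators group on this machine.
ADMIN_ACCOUNTS = {"Administrator", "Walker"}


def suspicious_logons(csv_text, present_hours=(8, 19)):
    """Return (time, account) for admin console/RDP logons outside present_hours."""
    start, end = present_hours
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if int(row["EventID"]) != 4624:
            continue  # only successful logons are of interest here
        if int(row["LogonType"]) not in INTERACTIVE_LOGON_TYPES:
            continue  # skip service/network logons such as SYSTEM (type 5)
        if row["TargetUserName"] not in ADMIN_ACCOUNTS:
            continue
        when = datetime.strptime(row["TimeCreated"], "%Y-%m-%d %H:%M:%S")
        if not (start <= when.hour < end):
            hits.append((row["TimeCreated"], row["TargetUserName"]))
    return hits


def leftover_sam_backup(filenames):
    """Names matching SAM.trk in a listing of %SystemRoot%\\System32\\config.

    Feed it os.listdir(r"C:\\Windows\\System32\\config") on a live system;
    a SAM.trk that was never moved back over SAM means winpass was run.
    """
    return [name for name in filenames if name.lower() == "sam.trk"]


if __name__ == "__main__":
    for when, account in suspicious_logons(SAMPLE_CSV):
        print(f"interactive admin logon outside present hours: {account} at {when}")
    print("leftover TRK backup:", leftover_sam_backup(["SAM", "SAM.trk", "SYSTEM"]))
```

The offline password reset itself leaves no Security log entry, because Windows is not running while TRK edits the SAM; only the logon that follows in step 5 is recorded, so the log check and the SAM.trk check complement each other.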
