05-03-2023, 06:28 AM
(This post was last modified: 05-03-2023, 06:34 AM by Karsten Evans.)
I am trying to find my PIN on my laptop.
I can use the password but the reason I want to find the PIN
is that its the same as I used on my phone and I have simply forgotten the PIN on my sony Xperia as I've use my thumb for so long and can't access it now as its gone into PIN only mode.
I can't remember it and its driving me mad..
I don't want to have to reset it it as it has Teams on it authorised from my work domain and if I have to reset and reinstall, I will have let work install lots of spy software they use.
So I want to find the PIN used on two PCs a Fujitsu laptop and older Dell CAD PC.
Its the same as used on my mobile.
in the Ngc protection 1 folder I have 1,2,3,4,... to 17.dat
it says Microsoft Software Key Storage Provider in 1.dat so its not TPM??
I run this batch
---------------
@echo off
rem Change the path to your Python executable if needed
set PYTHON="C:\Program Files\Python310\python.exe"
rem Change the path to your winhello2hashcat.py file if needed
set WINHELLO="G:\Utils\WINHELLO2hashcat-main\winhello2hashcat.py"
rem Change the path to your windows directory if needed
set WIND="C:\windows"
rem Change the path to your crypto directory if needed
set CRYPT="C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Crypto\Keys"
rem Change the path to your masterkey directory if needed
set MASTR="C:\Windows\System32\Microsoft\Protect\S-1-5-18\User"
rem Change the path to your sysyem directory if needed
set SYSM="C:\Windows\System32\config\SYSTEM"
rem Change the path to your crypto directory if needed
set SECR="C:\Windows\System32\config\SECURITY"
rem Change the path to your sysyem directory if needed
set SOFT="C:\Windows\System32\config\SOFTWARE"
rem Change the path to your Ngc directory if needed
set NGC="C:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc"
set PING="%username%"
rem Take ownership of the Ngc folder
TAKEOWN /f %windir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc /r /D Y
ICACLS %windir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc /grant "%username%"
F) /t
rem Run winhello2hashcat.py with the windows and ngc arguments
pause
PYTHON %WINHELLO% --verbose --windows %WIND% --ngc %NGC%
rem PYTHON %WINHELLO% --verbose --cryptokeys %CRYPT% --masterkey %MASTR% --security %SECR% --system %SYSM% --ngc %NGC%
pause
I rub the batch as admin and I get
traceback (most recent call last):
File "G:\Utils\WINHELLO2hashcat-main\winhello2hashcat.py", line 277, in <module>
lsa_secrets = reg.get_lsa_secrets(args.security, args.system)
File "C:\Program Files\Python310\lib\site-packages\dpapick3\registry.py", line 100, in get_lsa_secrets
self.get_syskey(system)
File "C:\Program Files\Python310\lib\site-packages\dpapick3\registry.py", line 41, in get_syskey
with open(system, 'rb') as f:
PermissionError: [Errno 13] Permission denied: 'C:\\Windows\\System32\\config\\SYSTEM'
Any help?
Should I copy the registry instead of using the live hive?
Is there an easy way to do that?
I used to use UBCD before but that nolonger works and i don't have recovery installed?
is there utility to copy the live registry?
I can use the password but the reason I want to find the PIN
is that its the same as I used on my phone and I have simply forgotten the PIN on my sony Xperia as I've use my thumb for so long and can't access it now as its gone into PIN only mode.
I can't remember it and its driving me mad..
I don't want to have to reset it it as it has Teams on it authorised from my work domain and if I have to reset and reinstall, I will have let work install lots of spy software they use.
So I want to find the PIN used on two PCs a Fujitsu laptop and older Dell CAD PC.
Its the same as used on my mobile.
in the Ngc protection 1 folder I have 1,2,3,4,... to 17.dat
it says Microsoft Software Key Storage Provider in 1.dat so its not TPM??
I run this batch
---------------
@echo off
rem Change the path to your Python executable if needed
set PYTHON="C:\Program Files\Python310\python.exe"
rem Change the path to your winhello2hashcat.py file if needed
set WINHELLO="G:\Utils\WINHELLO2hashcat-main\winhello2hashcat.py"
rem Change the path to your windows directory if needed
set WIND="C:\windows"
rem Change the path to your crypto directory if needed
set CRYPT="C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Crypto\Keys"
rem Change the path to your masterkey directory if needed
set MASTR="C:\Windows\System32\Microsoft\Protect\S-1-5-18\User"
rem Change the path to your sysyem directory if needed
set SYSM="C:\Windows\System32\config\SYSTEM"
rem Change the path to your crypto directory if needed
set SECR="C:\Windows\System32\config\SECURITY"
rem Change the path to your sysyem directory if needed
set SOFT="C:\Windows\System32\config\SOFTWARE"
rem Change the path to your Ngc directory if needed
set NGC="C:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc"
set PING="%username%"
rem Take ownership of the Ngc folder
TAKEOWN /f %windir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc /r /D Y
ICACLS %windir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc /grant "%username%"
F) /trem Run winhello2hashcat.py with the windows and ngc arguments
pause
PYTHON %WINHELLO% --verbose --windows %WIND% --ngc %NGC%
rem PYTHON %WINHELLO% --verbose --cryptokeys %CRYPT% --masterkey %MASTR% --security %SECR% --system %SYSM% --ngc %NGC%
pause
I rub the batch as admin and I get
traceback (most recent call last):
File "G:\Utils\WINHELLO2hashcat-main\winhello2hashcat.py", line 277, in <module>
lsa_secrets = reg.get_lsa_secrets(args.security, args.system)
File "C:\Program Files\Python310\lib\site-packages\dpapick3\registry.py", line 100, in get_lsa_secrets
self.get_syskey(system)
File "C:\Program Files\Python310\lib\site-packages\dpapick3\registry.py", line 41, in get_syskey
with open(system, 'rb') as f:
PermissionError: [Errno 13] Permission denied: 'C:\\Windows\\System32\\config\\SYSTEM'
Any help?
Should I copy the registry instead of using the live hive?
Is there an easy way to do that?
I used to use UBCD before but that nolonger works and i don't have recovery installed?
is there utility to copy the live registry?