Installing driver without admin privileges on win xp

I'm trying to gain Administrator privileges on an industrial brake press so we can install a wifi dongle for networking. The problem is I don't have the password for the admin account and the company who sold us the equipment, the only people with said password, is essentially trying to extort us for it.

If I could boot from USB this wouldn't be an issue but I can't open boot options or BIOS settings on startup and USB boot is disabled by default. I'm really more of a GNU-Linux guy so I'm not certain how to proceed.

Is there a way to install drivers without the admin password, perhaps by way of the registry? Any thoughts or suggestions would be appreciated.

joe

Posted 2012-03-02T14:19:06.813

Reputation: 63

1Hey, sounds like you work someplace similar to where I do. Have you contacted the OEM for a manual? Some of these big beasties may have default admin accounts. – music2myear – 2012-03-02T14:25:56.833

Yeah we've poured through the manual. It just reiterates that we need to pay them more $ on top of the 250k we've already given them if we want the password, lol. Got to love capitalism. – joe – 2012-03-02T14:31:36.370

Answers

Not a solution to installing a driver, but I am assuming the device has a wired network connection, It may be cheaper to buy a wired WiFi bridge* and have it sit next to the tower of the machine. Another option is use any device that is compatible with a replacement firmware, dd-wrt can put a wireless access point in to bridge mode.

I did this exact setup for a large portable ultrasound machine, this solution was orders of magnitude cheaper than what the vendor was offering.

* This is not a recommendation for that exact model, it is just the first one I found for under $100 on newegg

Scott Chamberlain

Posted 2012-03-02T14:19:06.813

Reputation: 28 923

This is a great idea, and for a few months I personally used a DD-WRT compatible router as a WiFi adapter for my desktop. – Breakthrough – 2012-03-02T14:43:49.103

2Thanks. This appears to be the most practical solution for the time frame involved, although the other two suggestions kind of sound like fun and would make my co-workers think I'm a l33t haX0r ;). – joe – 2012-03-02T14:50:29.317

If you have physical access to the drive, you can remove it and place it in another computer, or alternatively, an external enclosure. That way, you can use Ophcrack (free, open source, cross-platform) to literally crack the existing password using rainbow tables.

If you can get the machine to boot from another a CD, Ophcrack also provides a bootable CD. You can also run the program right under Windows, but I'm not sure if administrator privileges are required.

The only downside to this method is that you need to download existing pre-computed hash tables ("rainbow tables"). The "free-fast" table weighs in at just over 700 MB, while a more full character set weighs in at a hefty 7.5 GB.

Breakthrough

Posted 2012-03-02T14:19:06.813

Reputation: 32 927

Oooh, use the Trinity Rescue Kit. It has an option to simply overwrite the password hash for any account you specify setting it to blank. You can then set the password up again to something you desire.

You'd need to pull the HDD like Breakthrough suggests, and if you ever had to call the vendor for support, they'd probably not take kindly to your having cracked the thing, but besides those caveats it may be easier to do this than to try the Ophcrack.

music2myear

Posted 2012-03-02T14:19:06.813

Reputation: 34 957

Another great idea - I was unaware that you could simply overwrite the password hash of the account. (Do you know if this has any affect on encrypted files, or is that largely a Vista/7 issue?) Also, +1 for the TRK, great find.

– Breakthrough – 2012-03-02T14:44:28.417

2Replacing the hash will break files encrypted with Windows' EFS, however the risk of your vendor using it is low. – Scott Chamberlain – 2012-03-02T14:47:58.800

In windows when you change a password for an account other than one you're logged into, it wipes all remembered web passwords, but I don't know if it affects the ability to access encrypted files. I'd imagine it probably does. I do not know if this same thing occurs when you wipe the password from outside of windows. – music2myear – 2012-03-02T14:48:37.943

I could not find a authoritative source, but Wikipedia states that the EFS key is encrypted by the user password, so if the password is wiped by a outside tool you can not get to the EFS key anymore. The reason it it can change it when you are logged in is it decrypts the key using the password, then re-encrypts it with the new password.

– Scott Chamberlain – 2012-03-02T14:56:21.757

That makes sense. Anything with EFS I'd count gone, but like you said, the risk of this vendor using it is slim-to-none, specially since the controller is running Windows XP. – music2myear – 2012-03-02T15:00:06.540