The scannt.exe is a part of the ScanNT Pro(R) distribution version 1.1. Written by Andy Baron, Midwestern Commerce, Inc. Copyright (C) 1993-1996 Midwestern Commerce, Inc. All Rights Reserved *** DO NOT USE THIS PROGRAM FOR ILLEGAL OR UNETHICAL PURPOSES! ****** *** Requirements **************************************************** The Windows NT 3.51 Intel version requires Windows NT 3.51 server or Workstation on Intel platform. Only Intel Version is available at the moment. *** Usage *********************************************************** scannt.exe -p=Password [-u=User] [-r=pRiority] password - password dictionary file. This file must be the text file with one password per line. user - local account username to be cracked. This account must exist. (See Error Messages below). If this parameter is missing, the program will try all existing local user accounts. priority - scan process priority in percents (100% assumed if the parameter is missing) *** Program Output ************************************************** After a successful execution, program produces the following output: If the Scan process has been terminated normally, the Log File appears on the screen. The Format of the Log File appears as follows: User1, message1 User2, message2 ... UserN, messageN, where: UserK - the account name of the K-th user messageK - the message for K-th user. The messages are: - OK (N attempts) the password was not cracked after N attempts. - Cracked! (account temporarily disabled) the password was cracked, but this account is temporarily disabled by the administrator. - Cracked! (unauthorized time of day for this account) the password was cracked, but this time of day is unauthorized for this account. - Cracked! (the account is not authorized to logon from this station) the password was cracked, but this account is not authorized to logon from this station. - Cracked! (logon time restriction violation) the password was cracked, but this logon time is unauthorized for this account. - Cracked! (password has expired) the password was cracked, but the password has expired. - account locked the account is currently locked out and cannot be tested. - account Cracked! the password was cracked. As an administrator you must prompt this user to change the password as soon as possible. *** Error Messages ************************************************** 1) , You must have SeTcbPrivilege privilege set. Certain privileges must be set up for your account to successfully execute ScanNT program. The required privileges can be added to the account by using the "User Rights Policy" dialog box in the User Manager. Run the User Manager and choose "User Rights" from the "Policies" menu to see the dialog box. Select the "Show Advanced User Rights" check box. You must grant the following rights to execute ScanNT: - "Act as part of the operating system" - "Replace a process level token" - "Increase quotas" After you made this changes, you must logoff/logon for this account. 2) , account does not exist This error message appears if the account name you provide to the cracker does not exist. Be sure to choose an existing local account name. note: This message does not appear if the username is not provided as a parameter. In this case, the program will try all existing local accounts on your NT box. 3) error: dictionary file does not exist or cannot be accessed Be sure to provide legal password dictionary filename. 4) bad file descriptor Password dictionary file is invalid or corrupted *** Tips ************************************************************ To achieve maximum number of logons per second it is recommended to: 1) Disable security audit for user logon on your NT box. The simplest way to do this is to temporarily disable EventLog service on your computer. 2) Run this program as a service using service.exe utility (see service.txt for more information). Do not forget to make the necessary corrections to the service.cmd file. Under the recommended conditions, the program allows to try 6,000 passwords per minute on Pentium 100 MHz with 48 MB of RAM. *** Copyright ******************************************************* Copyright (C) 1993-1996 Midwestern Commerce, Inc. All Rights Reserved. See readme.txt for distribution/license agreement information. ********************************************************************** Microsoft Windows NT is registered trade mark of Microsoft, Inc.