How to Reset Windows Password Using BackTrack
Hello all users, today we'd like to share a very simple and easy hack for resetting
your lost Windows password using BackTrack and the chntpw tool, so
let me get straight to the point without beating around the bush.
Windows stores the login password hashes (LM/NTLM format) in the registry hive files named 'SYSTEM' and 'SAM' at the following location:
C:\Windows\System32\Config
These files are highly protected and not accessible while Windows is
running even for the administrator user. However hackers have found a
way to circumvent these protections and access these system files.
Level : Expert
Follow the steps below to reset your Windows password:
1. First of all, boot the system using BackTrack.
2. Identify and mount your Windows partition in read/write mode using the commands below:
   umount /mnt/hda1
   modprobe fuse
   ntfsmount /dev/hda1 /mnt/hda1
3. Now go to the Windows\System32\Config folder in that partition:
   cd /mnt/hda1/windows/system32/config
4. Now list the users:
   chntpw -l SAM
5. Reset the password for a specific user:
   chntpw -u username SAM
Next, type * when asked to enter the new password.
Now log in to Windows with that username and a blank password.
If your hard disk is a SATA type, then you need to use /sda1 instead of /hda1 in the above steps.
Resetting a lost Windows password is the quickest way to get access to your system. However, it will make encrypted volumes and DPAPI-protected passwords inaccessible, so decide wisely before you go ahead with resetting the Windows password.
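Before running chntpw it is worth confirming where the hive actually sits on the mounted partition and keeping a copy of SAM to roll back to. The shell helper below is an added example, not part of the original post; the function names and the SAM.bak-<timestamp> backup name are assumptions, and the mount point is whatever you used in the mount step.

```shell
#!/bin/sh
# Pre-flight checks before editing the SAM hive with chntpw (added example).
# Function names and the backup naming scheme are assumptions of this example.

# Print the Windows config directory under mount point $1.
# NTFS names are case-insensitive on Windows, but a Linux mount may treat
# them as case-sensitive, so match each path component ignoring case.
find_config_dir() {
    dir=$1
    for part in windows system32 config; do
        next=$(find "$dir" -mindepth 1 -maxdepth 1 -type d -iname "$part" | head -n 1)
        [ -n "$next" ] || return 1
        dir=$next
    done
    printf '%s\n' "$dir"
}

# Copy the SAM hive to SAM.bak-<timestamp> in the same directory so the
# edit can be rolled back; prints the backup path.
backup_sam() {
    cfg=$1
    sam=$(find "$cfg" -mindepth 1 -maxdepth 1 -type f -iname sam | head -n 1)
    [ -n "$sam" ] || { echo "no SAM hive in $cfg" >&2; return 1; }
    # A read-only mount means chntpw could not save its changes anyway.
    [ -w "$sam" ] || { echo "SAM not writable; partition mounted read-only?" >&2; return 1; }
    bak="$cfg/SAM.bak-$(date +%Y%m%d%H%M%S)"
    cp -p "$sam" "$bak" && printf '%s\n' "$bak"
}

# Run both checks for mount point $1 and print the command to type next.
preflight() {
    cfg=$(find_config_dir "$1") || { echo "no Windows config directory under $1" >&2; return 1; }
    bak=$(backup_sam "$cfg") || return 1
    echo "backup: $bak"
    echo "next:   cd '$cfg' && chntpw -l SAM"
}
```

After the mount step, `preflight /mnt/hda1` (or the sda1 mount point on a SATA disk) prints the backup path and the directory to change into.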
Enjoy.......