
How to reset Administrator password for Windows?

Tuesday, October 26, 2010 Sensei Fedon

I was called to a friend's place as she had forgotten her administrator password. This incident made me remember all the ways, new and old, that I could think of to reset an administrator password.
Some are safe, some are not. As always, please exercise extreme caution when dealing with SAM files. Here it goes:


1. The sethc.exe method:
This is actually not a password hack per se, but it gives you a command prompt with SYSTEM privileges! All you need is a Live CD that supports Captive NTFS, e.g. Backtrack. Here we go:
captive-install-acquire
mkdir /mnt/ntfs
mount -t captive-ntfs /dev/hda1 /mnt/ntfs
cd /mnt/ntfs/windows/system32
mv sethc.exe sethc.old; cp cmd.exe sethc.exe
sync
cd ~
umount /mnt/ntfs
shutdown -r now

Reboot and press SHIFT five times. A Command Prompt with SYSTEM privileges will pop up!
2. DreamPackPL method:
This method was way too popular when I was in school. It is that old, so I actually had to dig out a link for the download. Download DreamPackPL here and follow these steps:
1. Unzip the downloaded DreamPackPl.zip and you’ll get dpl.ISO.
2. Use any burning program that can burn ISO images.
3. After you have the disk, boot from the CD or DVD drive. You will see Windows 2000 Setup and it will load some files.
4. Press “R” to install DreamPackPL.
5. Press “C” to install DreamPackPL by using the recovery console.
6. Select the Windows installation that is currently on the computer (normally “1” if you only have one Windows installed).
7. Backup your original sfcfiles.dll by typing:
“ren C:\Windows\System32\sfcfiles.dll sfcfiles.lld” (without quotes)
8. Copy the hacked file from CD to system32 folder. Type:
“copy D:\i386\pinball.ex_ C:\Windows\System32\sfcfiles.dll” (without quotes and assuming your CD drive is D:)
9. Type “exit”, take out disk and reboot.
10. In the password field, type “dreamon” (without quotes) and DreamPack menu will appear.
11. Click the top graphic on the DreamPack menu and you will get a menu popup.
12. Go to commands and enable the options and enable the god command.
13. Type “god” in the password field to get in Windows.
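A read-only check for the file swaps that methods 1 and 2 leave behind (sethc.exe identical to cmd.exe, and the renamed sethc.old / sfcfiles.lld), added here as an example that is not part of the original post. The function names and the constructed sample directory are assumptions; pass the mounted System32 path (for example /mnt/ntfs/windows/system32) as the first argument.

```shell
#!/bin/sh
# Read-only audit of an offline-mounted System32 directory for the file
# swaps that methods 1 and 2 perform. Nothing on the volume is modified.

# Find a file by name regardless of case: NTFS mounted under Linux is
# case-sensitive, while the Windows directory may be "System32".
find_ci() {
    find "$1" -maxdepth 1 -type f -iname "$2" 2>/dev/null | head -n 1
}

# Prints one line per finding. Returns 0 if clean, 1 if anything was found.
audit_system32() {
    dir=$1
    found=0
    sethc=$(find_ci "$dir" sethc.exe)
    cmd=$(find_ci "$dir" cmd.exe)
    # Method 1: sethc.exe replaced by a copy of cmd.exe.
    if [ -n "$sethc" ] && [ -n "$cmd" ] && cmp -s "$sethc" "$cmd"; then
        echo "FINDING: $sethc is byte-identical to cmd.exe"
        found=1
    fi
    # Both methods rename the original file instead of deleting it.
    for leftover in sethc.old sfcfiles.lld; do
        hit=$(find_ci "$dir" "$leftover")
        if [ -n "$hit" ]; then
            echo "FINDING: renamed original left behind: $hit"
            found=1
        fi
    done
    return "$found"
}

# Constructed sample: a throwaway directory mimicking the state left by
# method 1 (placeholder file contents, not real Windows binaries).
make_sample() {
    d=$(mktemp -d)
    printf 'placeholder-cmd' > "$d/cmd.exe"
    cp "$d/cmd.exe" "$d/sethc.exe"
    printf 'placeholder-sethc' > "$d/sethc.old"
    echo "$d"
}

# Audit the directory given as $1, or the constructed sample if none is given.
if [ "$#" -gt 0 ]; then
    audit_system32 "$1"
else
    sample=$(make_sample)
    audit_system32 "$sample" || echo "sample flagged as expected"
    rm -rf "$sample"
fi
```

A clean result only means these two specific swaps are absent; a byte comparison will miss a sethc.exe replaced with anything other than the current cmd.exe.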
3. ERD Commander Method:
Begin by downloading the ERD Commander here.
1. Insert the ERD Commander Boot CD into the drive and restart the system.
2. Boot the computer using ERD Commander Boot CD. You may have to set the boot order in the BIOS first.
3. Select your Windows XP installation from the list.
4. From the ERD Commander menu (Start menu), click System Tools and click Locksmith
5. Click Next & then on the new screen, select the administrator account from the list for which you want to reset the password.
6. Type the new password in both the boxes, click Next and click Finish
4. Offline NT Password & Registry editor method:
This one used to be my favourite until I stumbled upon something a few weeks ago. Download this little beast here.
To make a bootable USB drive / key:
1. Copy all files from this CD onto the USB drive.
It cannot be in a subdirectory on the drive. Delete all the files on the drive.
2. Install the bootloader (you may have to be administrator)
On the USB drive, there should now be a file “syslinux.exe”.
Run this from a command line, like this:
j:syslinux.exe -ma j:
Replace j with some other letter if your USB drive is on a drive letter other than j:
On some drives, you may have to omit the -ma option if you get an error.
If it says nothing, it probably did install the bootloader.
The only problem with this one is that it will change the password completely, and the user will come to know that someone has been where that someone should not be.
5. KON-BOOT A VERY GOOD UTILITY!
Download Kon-Boot ISO and burn to CD to start using this little demon!
1. Insert the Kon-Boot CD that you just burned and boot the computer with the CD.
2. Hit enter to continue at the splash screen.
3. When asked for the password to log in, hit enter. That's all! No files are written to the disk by this utility. None are modified either. Reboot without the CD and you are back to your original password.
Why do I like this one the most? Because this one works on all Windows versions! Right from Windows XP to Windows 2008.
UPDATE:
6. PCLoginNow Method
Download the PCLoginNow ISO and burn to CD to start using this little demon! PCLoginNow is a tool to reset local accounts’ passwords on Windows systems. It can also help you to upgrade a general account to administrator, and lock or unlock accounts. It supports Syskey on Windows NT/2000/XP/2003/Vista.
