Saturday, 17 November 2012

How to Reset Windows Password Using BackTrack

Hello all users, today we'd like to share a very simple and easy hack for resetting your lost Windows password using BackTrack and the chntpw tool, so let me get straight to the point without beating around the bush.

Windows stores the login password hashes (LM/NTLM format) in the registry hive files named 'SYSTEM' and 'SAM' at the following location

These files are highly protected and not accessible while Windows is running, even for the administrator user. However, hackers have found a way to circumvent these protections and access these system files.

Level : Expert
Follow the steps below for resetting your Windows password:

  1.  First of all, boot the system using BackTrack.
  2.  Identify and mount your Windows partition in read/write mode using the commands below:
        umount /mnt/hda1
        modprobe fuse
        ntfsmount /dev/hda1 /mnt/hda1
  3.  Now go to the Windows\System folder in that partition:
        cd /mnt/hda1/windows/system32/config
  4.  Now list the users:
        chntpw -l SAM
  5.  Reset the password for a specific user:
        chntpw -u username SAM
  6.  Next, type * when asked to enter the new password.
  7.  Now log in to Windows with that username and a blank password.

If your hard disk is a SATA type, then you need to use /sda1 instead of /hda1 in the above steps.
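
The steps above edit the SAM hive in place, and the directory names on the mounted partition are not always cased the same way (Linux paths are case-sensitive, NTFS names are not). The wrapper below is an added example, not part of the original post: it locates the hive under the mount point, keeps a verified copy, and only then runs chntpw. The function names and the backup file naming are illustrative assumptions; it expects the partition to be mounted read/write already.

```shell
#!/bin/bash
# Added example: back up the SAM hive before chntpw modifies it.
# Usage: ./reset-with-backup.sh /mnt/hda1 username   (script name is illustrative)

# find_sam MOUNTPOINT
# Print the path of the SAM hive, matching windows/system32/config/SAM
# case-insensitively (e.g. WINDOWS/system32/config on older installs).
find_sam() {
    local sam
    sam=$(find "$1" -mindepth 4 -maxdepth 4 -type f \
            -ipath '*/windows/system32/config/sam' 2>/dev/null | head -n 1)
    [ -n "$sam" ] || return 1
    printf '%s\n' "$sam"
}

# backup_hive HIVE
# Copy the hive next to itself with a timestamp suffix, verify the copy
# byte for byte, and print the backup path. Never overwrites a backup.
backup_hive() {
    local hive="$1" backup
    backup="$hive.bak-$(date +%Y%m%d-%H%M%S)"
    if [ -e "$backup" ]; then
        return 1
    fi
    cp -p -- "$hive" "$backup" && cmp -s -- "$hive" "$backup" || return 1
    printf '%s\n' "$backup"
}

# reset_password MOUNTPOINT USERNAME
# Refuses to touch the hive unless a verified backup exists.
reset_password() {
    local sam backup
    sam=$(find_sam "$1") || { echo "no SAM hive found under $1" >&2; return 1; }
    backup=$(backup_hive "$sam") || { echo "backup failed, hive left untouched" >&2; return 1; }
    echo "backup written to $backup" >&2
    chntpw -u "$2" "$sam"
}

# Only act when called with both arguments.
if [ "$#" -eq 2 ]; then
    reset_password "$1" "$2"
fi
```

If Windows does not boot cleanly after the edit, copy the backup file over SAM from the same live environment to return to the previous state.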

Resetting a lost Windows password is the quickest way to get access to your system. However, it will make encrypted volumes and DPAPI-protected passwords inaccessible, so you have to decide wisely before you go ahead with resetting the Windows password.

