Security Basics mailing list archives
Re: How to set back the local "Administrator" - Account password
From: "Nagareshwar Talekar" <tnagareshwar () gmail com>
Date: Fri, 15 Jun 2007 22:48:03 +0530
Thorsten, You can use Linux live cd such as BackTrack ( http://remote-exploit.org/backtrack.html) to reset or recover the administrator password. BackTrack comes with chntpw tool which is useful in resetting the password. Here's the procedure for resetting the password ============================================= 1) Reboot the system with backtrack 2) Remount the system drive in write mode umount /mnt/hda1 mount -o rw /dev/hda1 /mnt/hda1 If your system drive is NTFS then use this method umount /mnt/hda1 modprobe fuse ntfsmount /dev/hda1 /mnt/hda1 Note : You need to specify right device instead of hda1. 3) cd /mnt/hda1/windows/system32/config 4) invoke chntpw tool by specifying the SAM file and registry hives as follows chntpw -i sam system security 5) Choose the user as "administrator" 6) Enter new password or * to set blank password 7) Next reboot the machine. If you wants to recover the password then follow the below steps =============================================== 1) Reboot the system using backtrack or any other live cd or boot disk 2) Copy the sam and system files from the //windows/system32/config folder 3) Use cain&able or saminside tool to get the LM hashes from these files 4) Next submit the gathered hashes to online rainbow crack sites such as http://plain-text.info/add/ https://www.astalavista.net/?cmd=rainbowtables Within one day ( at worst case) you will get back your password Good luck PS : Sorry for the SPAM, if you have received the multiple copies. I was having some problem sending the mail due to rich format. -- With Regards Nagareshwar Talekar http://securityxploded.com http://nagareshwar.securityxploded.com On 6/15/07, Thorsten Grund <t.grund () stratec-biomedical de> wrote:
Hey, how can i set back the local Administrator passwort on a windows xp computer ? thanks thorsten STRATEC Biomedical Systems AG / Gewerbestr. 37 / D- 75217 Birkenfeld Board of Management: Hermann Leistner, Bernd M. Steidle, Marcus Wolfinger Chairman of the Supervisory Board: Fred K. Brückner Register Court: Mannheim / HRB 504390 / VAT- ID: DE 812415108 ---- DISCLAIMER ---- This e-mail and any attached files are confidential. If you are not the intended recipient or if this transmission has been addressed to you in error, any disclosure, reproduction, copying, distribution, or other dissemination or use of this communication is prohibited. If you have received this transmission in error please notify the sender immediately and then delete this e-mail along with any attachments. E-mail transmission cannot be ensured to be secure or without any error as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message or any other of such risks which arise as a result of e-mail transmission. If verification is required, please request a hard copy version.
Current thread:
- How to set back the local "Administrator" - Account password Thorsten Grund (Jun 15)
- Re: How to set back the local "Administrator" - Account password Shawn (Jun 15)
- Re: How to set back the local "Administrator" - Account password Nagareshwar Talekar (Jun 15)
- RE: How to set back the local "Administrator" - Account password Tony Perez (Jun 15)
- RE: How to set back the local "Administrator" - Account password Steven Bonici (Jun 15)
- <Possible follow-ups>
- Re: How to set back the local "Administrator" - Account password mandark1967 (Jun 15)
- Re: How to set back the local "Administrator" - Account password krymson (Jun 18)
- Re: How to set back the local "Administrator" - Account password Jay (Jun 18)
- Re: Re: How to set back the local "Administrator" - Account password bongwater1234567 (Jun 18)