Hacking Worlds

June 17, 2011

Reset an XP Password

Filed under: hacker — Jayveer Singh Rathore @ 12:37 pm

Option #1

ERD – Emergency Recovery Disk. This method requires preparing ahead by downloading one of the free ERD tools and burning it onto a CD.

ERDs are free Windows password-cracking tools, usually Linux boot disks that have NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes for any account, including the Administrator’s. This process requires physical access to the console, but it works like a charm! I’ve done it myself several times with no glitch or problem whatsoever.

Caution: If used on users that have EFS-encrypted files, and the system is XP or W2K with later service packs, all encrypted files for that user will be UNREADABLE and cannot be recovered unless you remember the old password again!

Pros: Quick, Works in 99% of cases.

Cons: Might seem complicated for a novice user; doesn’t work with certain SATA disk and/or RAID controllers.

Here are my favorite tools:

Petter Nordahl-Hagen’s Offline NT Password & Registry Editor – A great boot CD/Floppy that can reset the local administrator’s password. (The only tool for Windows VISTA)

EBCD – Emergency Boot CD – Bootable CD, intended for system recovery in the case of software or hardware faults.

Offline NT Password & Registry Editor (v060213 – February 2006)
Petter Nordahl-Hagen has written a Windows NT/2000/XP/Vista offline password editor:

http://home.eunet.no/~pnordahl/ntpasswd

· This is a utility to (re)set the password of any user that has a valid (local) account on your Windows NT/2000/XP/2003/Vista system, by modifying the encrypted password in the registry’s SAM file.

· You do not need to know the old password to set a new one.

· It works offline, that is, you have to shut down your computer and boot off a floppy disk or CD. The boot disk includes stuff to access NTFS partitions and scripts to glue the whole thing together.

· Works with syskey (no need to turn it off, but you can if you have lost the key)

· Will detect and offer to unlock locked or disabled user accounts!

Download links:

· cd060213.zip (~3MB) – Bootable CD image with newer drivers

· bd050303.zip (~1.1MB) – Bootdisk image, date 050303.

· sc050303.zip (~1.4MB) – SCSI-drivers (050303) (only use newest drivers with newest bootdisk, this one works with bd050303)

To write these images to a floppy disk you’ll need RawWrite2, which is included in the Bootdisk image download. To create the CD, just use your favorite CD burning program to burn the .ISO file to CD. I personally prefer the CD option since I don’t have to fiddle around with antique technology like floppy drives; besides, most new PCs don’t have a floppy drive at all.

Support and Problems? Good FAQ set up covering most of the day-to-day questions. Read it right HERE

The author claims that this tool was successfully tested on NT 3.51, NT 4, Windows 2000 (except Datacenter), Windows XP (all versions) and Windows Server 2003. Note that it is NOT compatible with Active Directory. To work around this limitation, please read the Forgot the Administrator’s Password? – Reset Domain Admin Password in Windows Server 2003 AD page.

EBCD – Emergency Boot CD (v0.61 – October 2004)
EBCD is a bootable CD intended for system recovery in the case of software or hardware faults. It can create backup copies of a normally working system and restore the system to a saved state. It contains the best system software ever created, properly compiled and configured for the most efficient use.

EBCD will be very useful when you need to:

· Copy/move files (with long names, not necessarily in CP437 encoding) from/to a disk when the OS that can handle them (Windows, Linux…) cannot boot. In particular, you can create a backup copy of a normally installed and configured Windows and later restore Windows from that backup copy. So, in the case of a fault, the OS itself and all software and its settings can be restored in 5-10 minutes.

· Perform an emergency boot of Windows NT / 2000 / XP. When the loader of this OS on the hard disk is damaged or misconfigured, you can load the OS using another, standalone loader from this CD.

· Recover the master boot record of an HDD. This allows the OS to boot after incorrect uninstallation of a custom loader (LILO, for example) has made every OS on your PC unbootable.

· Delete, move, copy to file (image) and re-create a partition from file. Image transfer over the network is also supported, so you can configure one PC and then make the contents of the hard disks of other PCs the same as the contents of the hard disk of the first one.

· Change the password of any user, including the administrator, of a Windows NT/2000/XP OS. You do not need to know the old password.

· Recover a deleted file, even a file re-deleted from the Windows Recycle Bin, and, in contrast, wipe a single file or a whole disk so that it will be impossible to recover it in any way.

· Recover data from an accidentally formatted disk. Sometimes it helps to recover data from a disk damaged by a virus.

· Recover data from a floppy disk that is not readable by the OS. Format a 3.5″ disk for 1.7 Mb size.

The disk also includes a full set of external DOS commands and console versions of the most popular archivers/compressors.

Moreover, the emergency boot CD includes a minimal Linux distribution (Rescue Linux distribution), which may be very useful to a professional user.

Download links:  EBCD Pro distribution (18mb)

Option #2

Let’s say the worst happened – it’s past 11pm, you are still at work, you accidentally forgot the admin password and ALL ERD tools don’t work, since the PC you are working on has a non-standard disk controller. What to do???

Luckily for us, Microsoft left a loophole big enough to do the task relatively easily:

1. Insert the Windows XP CD and start your computer (it’s assumed here that your XP CD is bootable – as it should be – and that you have your BIOS set to boot from CD).

2. Keep your eye on the screen messages for booting from your CD; usually it will be “Press any key to boot from cd”.

3. Begin the Windows Repair process.

4. During the reboot, do not make the mistake of “pressing any key” to boot from the CD again!

5. Keep your eye on the lower left-hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up, giving you the potential for wide access to your system.

From here you can run any Windows command and you’ll have full administrator access. To reset the password you can use either of two ways:

1) Run NUSRMGR.CPL to get a graphical interface

2) Run Compmgmt.msc to get the Computer Management console. From there use Local Users and Groups -> Users
