Cyber Weapons Lab Forum Metasploit Basics Facebook Hacks Password Cracking Top Wi-Fi Adapters Wi-Fi Hacking Linux Basics Mr. Robot Hacks Hack Like a Pro Forensics Recon Social Engineering Networking Basics Antivirus Evasion Spy Tactics MitM Advice from a Hacker

Forum Thread: How to Crack Window Password with Kali Live Usb

Hello friends this is my first null-byte, today i am going to explain HOW TO RESET ADMIN PASSWORDS FOR WINDOWS (7,8)

Prerequisites:

bootable kali linux cd/usb

to reset windows password we will use chntpw for editing the SAM database where Windows stores password hashes.

What Is Chntpw?

chntpw is a software utility for resetting or blanking local passwords used by Windows NT, 2000, XP, Vista, 7, 8 and 8.1. It does this by editing the SAM database where Windows stores password hashes.see more on wikipedia.

What Is SAM Database?

The Security Account Manager (SAM) is a database file in Windows XP, Windows Vista and Windows 7 that stores users' passwords. More on wiki and microsoft.

Now Lets Start:

Step 1: Boot Windows Machine with the LiveCD.

select Live

open terminal

mount partition on which Windows System files are installed(C: Drive of Windows). it name could be sda1, sda3 or something like like this.

mount /dev/sda1 /mnt

Step 2: Go to Windows Password Database Directory

generally located in /Windows/System32/config/

in your System it could be like this

cd /mnt/Windows/System32/config

Step 3: Type Command Below for List Out All Users

chntpw -l SAM

Step 4: Select User Administartor by Following This Command.

chntpw -u Administrator SAM

Now It Will Open a Menu to Reset the Password.Select Right Option and Save Changes.

_This article is originally from my blog

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.

8 Responses

Will this work for windows10 ?

work with Windows NT, 2000, XP, Vista, 7, 8 and 8.1.

Oh Ok .. Thanks for the prompt reply :)

I find a new way to crack Windows password using Windows installation CD.
Steps:
Boot from Windows Installation CD (or use any other OS which allows you to read/write to NTFS)
Copy utilman.exe somewhere else.
Copy cmd.exe to utilman.exe
Boot to windows
Click on the pizza icon.
Type net user <username> <newpassword>

I do it all the time. (I repair PCs). Works great. Will not work with bitlocker encryption.
Source: https://www.top-password.com/knowledge/reset-windows-10-password-without-reset-disk.html

Good tutorial. However, it is worth pointing out that this only works 100% with versions of Windows before Windows 8.

Windows 8 and 8.1 use a modified version of hibernation at shutdown. This prevents write access to files on the disk and makes this method unusable.

If you have come across this issue, the following command will allow you write access:

WARNING - IF YOU ARE TRYING TO ACCESS A WINDOWS PARTITION THAT WAS HIBERNATED AND NOT SHUT DOWN, ANY UNSAVED WORK WILL BE DELETED

ntfsfix /dev/sd# >>>>>> where # is the number corresponding with the Windows partition you are attempting to access. Best of luck!

"Looks can only get you so far, but good manners can take you around the world."

Richard
Aspiring Software Developer and Computer Technician
Website: www.codingfanatic.com
Twitter: https://twitter.com/rclarkecf
Soundcloud: https://soundcloud.com/ambitouscm

Hmmmm... Isn't this method slow? How 'bout just getting a BAD USB ir autorun usb which will swap utilman.exe and cmd.exe in the system32? then click the utilman icon then voila, a command prompt, type" color a " cuz why not( lol ) then type userpassword2 to access the administrator password, then you can reset the password.

How about cracking Windows password with password reset disk?

Share Your Thoughts

  • Hot
  • Active
© 2022 WonderHowTo, Inc.