How to Hack Windows Administrator Password?

30/05/2011 22:10

Sometimes we forget the administrator password and need to access the machine
without knowing it. There are 2 methods to log on to the machine:
1. Safe mode
2. With the help of bootable software
1.) Safe mode
Press the F8 button when Windows starts, then select Safe mode and click Yes. Go to Run,
type cmd, and type the following command:
C:\> net user administrator 123123
After this, the Administrator password will be blank.
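A defender-side check for the reset in method 1, as an added example that is not part of the original page: on Windows Vista and later, a `net user` password reset is recorded as Security event 4724 when account-management auditing is enabled. The sketch scans an XML export of the Security log for resets of the built-in Administrator (RID 500); the sample events and the names `make_event` and `find_admin_resets` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
RESET_EVENT_ID = "4724"  # "An attempt was made to reset an account's password"

def make_event(event_id, when, target, target_sid, subject):
    """Build one constructed event in the Security log's XML layout (subset of fields)."""
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'<TimeCreated SystemTime="{when}"/></System><EventData>'
            f'<Data Name="TargetUserName">{target}</Data>'
            f'<Data Name="TargetSid">{target_sid}</Data>'
            f'<Data Name="SubjectUserName">{subject}</Data></EventData></Event>')

SID = "S-1-5-21-1111111111-2222222222-3333333333"  # constructed machine SID
SAMPLE = "<Events>" + "".join([
    make_event(4724, "2011-05-30T20:01:12Z", "Administrator", SID + "-500", "helpdesk"),
    make_event(4724, "2011-05-30T20:05:40Z", "alice", SID + "-1001", "helpdesk"),
    # Built-in account renamed: the name no longer says "Administrator".
    make_event(4724, "2011-05-30T20:09:03Z", "localadm", SID + "-500", "bob"),
    # 4738 = "A user account was changed": not a reset, must be ignored.
    make_event(4738, "2011-05-30T20:10:00Z", "Administrator", SID + "-500", "helpdesk"),
]) + "</Events>"

def find_admin_resets(xml_text):
    """Return one dict per 4724 event that targets the built-in Administrator."""
    hits = []
    for ev in ET.fromstring(xml_text).iterfind("e:Event", NS):
        event_id = ev.findtext("e:System/e:EventID", default="", namespaces=NS)
        if event_id.strip() != RESET_EVENT_ID:
            continue
        data = {d.get("Name"): (d.text or "")
                for d in ev.iterfind("e:EventData/e:Data", NS)}
        # Match the RID-500 SID suffix, not the name: the account can be renamed.
        if not data.get("TargetSid", "").endswith("-500"):
            continue
        when = ev.find("e:System/e:TimeCreated", NS)
        hits.append({
            "time": when.get("SystemTime") if when is not None else "",
            "target": data.get("TargetUserName", ""),
            "by": data.get("SubjectUserName", ""),
        })
    return hits

if __name__ == "__main__":
    for hit in find_admin_resets(SAMPLE):
        print(f'{hit["time"]}  reset of {hit["target"]} by {hit["by"]}')
```

An offline edit of the SAM file (method 2) happens while Windows is not running, so it produces no such event.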
2. With the help of bootable software
We can use the following bootable ISO images:
1. Offline NT Password & Registry Editor
2. Backtrack 4 DVD (Back4.iso) – chntpw utility
1.) Offline NT Password & Registry Editor: it actually deletes your password, allowing
access to Windows without any password.
Tested with the following: NT 3.51, NT 4, Windows 2000, Windows XP, Windows 2003
Server, Vista and Server 2008. As far as I know, it will work with all Service Packs (SP)
and all editions (Professional, Server, Home etc). Also, 64-bit Windows versions (XP,
2003, Vista, 2008) should be OK.
Features:
• Very fast password cracking tool
• No access to Windows or knowledge of old passwords is needed
• Program is completely free and open source, which means it will most likely stay free
• Works with Windows Vista passwords and Windows XP passwords (and more)
• Program's ISO image is much smaller than those of other password recovery tools
• No installation in Windows is required, making this program an easy alternative to
  many other password recovery tools

Just download the ISO file, burn it to a CD, and delete your password in just a few
minutes. Simple as that! And access any Windows system!
2.) Backtrack 4 DVD (Back4.iso) – chntpw utility
Backtrack is the most popular Linux live CD distribution focused on penetration testing. It
comes loaded with all the top security tools, so you can start work immediately
without needing to download and install any of the tools.
One of the uses of Backtrack is to fix Windows problems, such as fixing the registry,
resetting user passwords etc. Here I am going to explain how we can use Backtrack to
fix the Windows registry.
It has a small but powerful tool called chntpw, which not only allows resetting user
passwords but also comes with a full-fledged registry editor.

chntpw is a Windows NT/2K/XP user password tool that deletes passwords and restrictions
from the SAM database on an installed system. It does not crack passwords by brute force;
it only deletes passwords and restrictions for Administrators and ordinary users in the SAM
database.
To erase a password, use the script, which does almost everything for you: it searches for
the NTFS drivers on your XP installation in order to mount your partition with them, and if
it doesn't find them it asks you to download all needed data from the internet.
Note: Deleting the password will enable you to login to the system without a password, but it will not give
you access to any encrypted data on the system. All it lets you do is log in.
Steps:
1. Burn the Backtrack 4 ISO to a DVD and boot from the DVD. Once Backtrack starts, log in
with username: root and password: toor, then open Backtrack → Privilege Escalation →
Password Attacks → Chntpw.
2. A shell prompt will open. First list the hard disk partitions with the following
command: # fdisk -l
3. Note down the Windows partition name (like SDA1, HDA1).
4. Then type the following command:
   chntpw -i /mnt/hda1/windows/system32/config/SAM
5. Then type 1, enter the username administrator, and select option 1 to clear the password.