Password resetting is a technique that allows an attacker to overwrite the SAM file and create a new password for any user on a modern Windows system. This process can be performed without ever knowing the original password, although it does require you to have physical access to the machine.
To perform password resetting, you will need to boot the target system to a Backtrack DVD or Ubuntu CD. Once booted from backtrack do as follows :-
In Backtrack chntpw is already installed, you just navigate through the directory /pentest/passwords/chntpw (in backtrack 5R3 Gnome 64 bit it is not installed). To download it open terminal and run the following commands:-
i. wget http://ftp.de.debian.org/debian/pool/main/c/chntpw/chntpw_0.99.6-2_amd64.deb ii. dpkg -i chntpw_0.99.6-2_amd64.deb
After Successful installation of chntpw in both OS we proceed to next steps :-
Mount C drive by simple opening it then open terminal and type following commands
i) cd /media .
ii) ls After running ls command you will see a volume serial number in my case its 8A....
Now, type chntpw /media/volume serial number/WINDOWS/system32/config/SAM
To perform password resetting, you will need to boot the target system to a Backtrack DVD or Ubuntu CD. Once booted from backtrack do as follows :-
In Backtrack chntpw is already installed, you just navigate through the directory /pentest/passwords/chntpw (in backtrack 5R3 Gnome 64 bit it is not installed). To download it open terminal and run the following commands:-
i. wget http://ftp.de.debian.org/debian/pool/main/c/chntpw/chntpw_0.99.6-2_amd64.deb ii. dpkg -i chntpw_0.99.6-2_amd64.deb
Booted From Ubuntu do as follows :-
In Ubuntu download chntpw using command sudo apt-get install chntpw
After Successful installation of chntpw in both OS we proceed to next steps :-
Mount C drive by simple opening it then open terminal and type following commands
i) cd /media .
ii) ls After running ls command you will see a volume serial number in my case its 8A....
Now, type chntpw /media/volume serial number/WINDOWS/system32/config/SAM
After running the command , a windows will be prompted and asking you to enter your choice either resetting the password to blank or change it to a new password. Do as per your requirement
Now reboot your system and Enjoy :)
No comments:
Post a Comment