Friday, 15 November 2013

Windows ADMINISTRATOR password hack with Backtrack

Here'a another way of cracking windows admin password with the help of "Backtrack".
First of all you should have a linux backtrack disk [I have tried with BT 4 pwnsauce and it worked]
This trick may also bypass the admin restrictions.


Now just follow this steps.

-> start your PC and enter the disk.
-> Then start BackTrack in Text mode.











-> After you start it with text mode, just type the following code[in red] Step by step:
  1. mkdir /mnt/sd2   [makes a directory]

  2. mount -t ntfs-3g /dev/sd2 /mnt/sd2 -o force  [mounts it]
  3. [It will probably show a message indicating unclean shutdown, don't worry about that, just cont. with your process]

  4. chntpw -i /mnt/sd2/Windows/System32/config/SAM  [make sure type it exactly like this bcoz, linux systems are case-sensitive ]
Thats it , now Backtrack will show a few options, choose "Edit user data and passwords", then it'll show the list of users, then you'd have to look for "Administrator" and choose it,then it'll ask you, if you want to clear the password or username etc, choose "clear user password" option.[To choose you'll have to enter the number written besides the option].

And then, there you go......just remove the disk and reboot your PC.

No comments:

Post a Comment

Popular Posts