This post will show you how to use some popular Windows password hack tools to recover your lost Windows password or gain access to a computer for which you do not know the password.
INTRODUCTION
Windows saves our password information in the folder "C:\Windows\System32\config". The SAM (Security Accounts Manager) file in this folder stores the user names and password hashes for every account on the computer.
Our account passwords are saved in the SAM file in the form of hashes. Whenever we enter our password at the login screen, the entered password is converted into a hash value and compared with the hash value in the SAM file. It is not possible to simply copy the SAM file to another location: it cannot be moved or copied while Windows is running, because Windows keeps an exclusive filesystem lock on the SAM file and does not release that lock until the operating system has shut down. The SAM file can easily be copied by booting an alternate Linux operating system.
TOOLS TO CRACK PASSWORD
There are many free tools available to recover lost passwords. Some of the most popular tools, and how to use them, are explained below.
1) Ophcrack
Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
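Why a table-based tool succeeds only against some accounts can be shown from the defender's side. The following is an added example, not part of the original post or of Ophcrack: it audits a constructed account store against a small precomputed table and shows that per-account salting makes the same table useless. It assumes SHA-256 as a stand-in for the unsalted NT hash; all names and passwords are constructed.

```python
import hashlib
import hmac
import os

def unsalted_hash(password: str) -> str:
    # Stand-in for an unsalted hash such as the NT hash (assumption: SHA-256
    # replaces MD4, which many hashlib builds no longer ship).
    return hashlib.sha256(password.encode("utf-16-le")).hexdigest()

def salted_hash(password: str, salt: bytes, iterations: int = 100_000) -> str:
    # Per-account random salt plus a slow KDF: same password, different hash.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()

def verify_login(entered: str, stored: str) -> bool:
    # The login check described above: hash the entry, compare to the store.
    return hmac.compare_digest(unsalted_hash(entered), stored)

def build_table(candidates):
    # Plain hash -> password lookup; a rainbow table stores the same
    # precomputation in compressed (chain) form.
    return {unsalted_hash(p): p for p in candidates}

def exposed_accounts(stored_hashes, table):
    # Accounts whose stored hash already appears in the precomputed table.
    return sorted(u for u, h in stored_hashes.items() if h in table)

# Constructed sample data, not taken from any real system.
ACCOUNTS = {"alice": "summer2019", "bob": "letmein", "carol": "T7#vq!Lm9z@Rk2"}
TABLE = build_table(["password", "letmein", "summer2019", "qwerty"])

UNSALTED_STORE = {u: unsalted_hash(p) for u, p in ACCOUNTS.items()}
SALTS = {u: os.urandom(16) for u in ACCOUNTS}
SALTED_STORE = {u: salted_hash(p, SALTS[u]) for u, p in ACCOUNTS.items()}

if __name__ == "__main__":
    print("unsalted, exposed:", exposed_accounts(UNSALTED_STORE, TABLE))
    print("salted, exposed:  ", exposed_accounts(SALTED_STORE, TABLE))
```

The long random password survives the table in both stores; the two simple ones are exposed only where the hash is unsalted.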
Download the Ophcrack live CD from the links below:
Once you've downloaded the .iso image file, burn it to a CD using any CD burning software. I personally prefer PowerISO; it's simple and does the job.
Reboot the system with the live CD and select "Ophcrack graphic mode – automatic".
Ophcrack now automatically searches for the SAM file and tries to recover the passwords from it. Ophcrack works if the password chosen is simple and is covered by the rainbow tables that Ophcrack uses for the attack.
If Ophcrack couldn't find your password, you have to try some other tool, such as Offline NT password and registry editor.
2) Offline NT password and registry editor
This is a utility to reset the password of any user that has a valid local account on your Windows system.
• Download the zipped file here, extract the zip file and burn the image file to a CD.
• Boot the system from the bootable CD.
• You should see something like this when you boot the CD.
• Press Enter to boot; this loads all the drivers. After the drivers are loaded, a message is displayed asking you to select the disk where the Windows installation is present.
• Select the partition in which Windows is installed. In most cases, just press Enter and it will select the Windows partition automatically.
• The SAM file will be located in the "windows/system32/config" folder; this may vary depending on the Windows version.
• You will be asked which part of the registry to load. Select 1 for Password reset [sam system security].
• The files required for the password reset will be loaded. Next, select "Edit user data and passwords".
• It lists all the users on the computer. Enter the user name whose password has to be reset.
• Select 1 to clear the password of the selected user.
• Enter an exclamation mark (!) to quit.
• Once we quit, we get back to the main menu. Enter Q to exit.
• Enter y to save changes.
• Enter n to finish blanking the password, and reboot the system with alt+ctrl+del.
• Now your password will be removed, and you can set a new password!
There are many other tools available, such as Kon-Boot, Cain and Abel, and LCP. But I think the above two tools are sufficient. I hope this helps.