ExplodingPenguin.TV Linux Love, Microsoft Frustrations, and Other Geekery

29 Jun 2011

3 Free Ways To Hack Or Bypass a Windows Login

There are many reasons why you would need to reset or crack a Windows password. For me, it's usually because a user forgot their password or hit the Caps Lock when changing the password. Whatever the reason, every geek should know how to hack a Windows password.

First off, DO NOT use any of these tools on someone's computer without getting permission first.

The test machine I'm using is running Windows XP, and has the password 1234 for the username John. These tools will also work (mostly) on Vista and Windows 7.

These tutorials work with ISO files. If you haven't worked with ISO files before, use ImgBurn to burn the .iso file to a CD or DVD. I know most of you probably burnt your first ISO when you were 12, but I've met several technicians who had never done this before.

Ophcrack

Official Site

Pros: Actually cracks the password without changing or blanking the current password

Cons: Complicated passwords may take a long time to crack, or be unsuccessful

This tool can be installed in Windows, if you can log in as a different user from the one you are trying to crack. More commonly it's run from a Linux live CD or USB, where it automatically starts once booted.

Ophcrack uses rainbow tables to crack the password hash, and has options for brute forcing.

Download and burn the live CD.

Once you boot from the live CD, it will automatically choose the graphics mode and start the live OS and the ophcrack application.

Kon-Boot

Official Site

Pros: Very fast, bypasses the password requirement altogether, doesn't change the current password

Cons: Can be hit or miss, especially on Vista and Windows 7

Kon-Boot changes the kernel on a one-time basis at boot, so that you don't even need to enter the password to log in. The next time you reboot, everything goes back to normal.

Download and burn the live CD.

When you boot from the CD, hit enter when you see the Kryptos Logic screen. Then just sit back and wait for the Windows login.

Offline Windows Password & Registry Editor

Official Site

Pros: High rate of success

Cons: Overwrites the current password

This password editor blanks or changes the password hash stored in Windows. The only time I haven't seen this work is when the live CD couldn't recognize the storage controller, which is rare.

Download and burn the live CD.

When you get the boot prompt, hit enter.

Most prompts can be answered with the default option shown in [brackets]; in other words, you just press enter at most of them.

Next will be the disk selection. It does a good job at picking the right one, so just press enter for the default.

It will then ask for the registry directory; press enter.

Press enter to load the SAM hive.

Press enter to edit passwords.

Now it lists the user accounts. Press enter to edit the Administrator account or type in the username you want to edit.

Press 1 to blank the password.

Type ! and press enter to quit.

Then type q and press enter.

When it says "About to write file(s) back! Do it?" you need to type y and press enter. If you accept the default [n], the password edit will not be saved, and you'll have to do everything over again.

Now press Ctrl+Alt+Del to reboot. Remove the CD and enjoy.


Posted by John

Filed under: Hacks, Windows