Forgot your Windows password? No problem read this

vbimport

#1

OK after the winter break I forgot the password for one of my virtual machines I use for school and rather than waist the time to reinstall the operating system I decided it would be faster to reset the passwords for the other accounts and I decided to take some screen shots to show everyone else how I did it.

All you need is Backtrack and a blank DVD, you can get Backtrack from this link
http://www.backtrack-linux.org/downloads/

first load up Backtrack and you will be greeted with the terminal

first create a directory where you will mount the windows partition I wanted to mount mine at “/mnt/win” so I entered the command “mkdir /mnt/win” this creates a new directory

next enter the command “fdisk -l” this will show all your partitions and what device they are associated with

/dev/sda2 is my windows partition so I mounted it using “mount /dev/sda2 /mnt/win”

next I navigated to the system32 folder using the command “cd /mnt/win/Windows/System32”

next I looked for all files with the string seth using the command “ls seth*” this revealed a single file called sethc.exe this is the sticky utility on windows

next I made a backup of sethc using the command “mv sethc.exe sethc_real.exe” this renames sethc.exe to sethc_real.exe

next I made a copy of the command prompt using “cp cmd.exe sethc.exe”

then I listed all files with the string seth again using “ls seth*” and I can see I now have two files the original renamed and a new copy that is really cmd.exe

next I return to the home director with “cd” and unmount my windows partition using “umount /mnt/win”

then I list the contents of /mnt/win using “ls /mnt/win” to make sure it is no longer mounted

next I rebooted into windows and hit “Shift” five times to turn on sticky keys which now brings me to a command prompt

from here I use “net user” to list my users

next I use “net user Tempusr /add” to create a new user without a password

next I added the new user to the administrators using “net localgroup administrators /add Tempusr”

Next I added the new account to the backup operators to avoid any NTFS security issues using “net localgroup “Backup Operators” /add Tempusr”

next I restarted the VM and there is my new user

a simple click and I am into my VM

you can also just change the password of an existing account by using “net [user name] [new password]” if you are working on a friend or relatives computer creating a temporary user is better so you will not have to change their password.


#2

The first step with the renaming and copying procedure should be feasible with nearly any modern linux distribution. You will even have an explorer-style filemanager for that job.

Or simply boot from your Windows install disc and use the built-in repair console :cool:
On older systems like W2k or XP, there is the tool from pnordahl :wink:

Michael