NOTE: This article is only and only for education purpose.

Hello friends, are you into the search of some ways through which you can enter the administrator password? It’s been so long that people all over world (specially students) have been facing problem of not having administrator privileges. Like, you are a local account holder over windows. So, today I’m going to show you how you can enter into administrator account without any blocking walls!

First of all, let me show you how passwords are stored in windows? Windows passwords are stored in SAM file( System Accounts Manager). It is located at “C:\Windows\System32\config\SAM” as shown in the below figure.

SAM
SAM

One cannot simply open up SAM file. All the windows password stored in it are encrypted into Hexa-Decimal format.

open

There are many ways out to gain access to password protected accounts: So lets begin with the first one ..

1. KonBoot (Best Choice):

konboot3

Kon-Boot is an application which will silently bypass the authentication process of Windows based operating systems without overwriting your old password! KonBoot is the tiniest operating system available all over the world.

All you need is:

1 USB flash drive(128MB preferred : as KonBoot just requires 3KB) PC and KonBoot USB which you can get it from here.

Steps are as follows:

  • Download KonBootUSB from the above link and unzip it.
  •  Go to in that open USB folder and double click on KonUsbInstaller
  • kon extract
  •   Select your preferred USB flash drive
  • Click on install
  • kon usb
  • Your KonBoot is installed and ready to use

Now, restart the PC you want to gain access and Booting is via USB. Select your USB flash drive and Windows will load as usual And when prompted for password, enter whatever you want to and you will be able to login. Good news is that it works on all Windows platform.

2. OphCrack: It is responsible for providing you with original password.ophcrack-logo2

Steps are as follows:

1. Download OphCrack Live OS from this given link.

2. Burn it into CD/DVD(preferred) or add the image to bootable USB (not recommended).

3. Insert into CD tray of the victim’s pc.

4. Boot via CD/DVD drive.

5.When menu is prompted, select “Graphics mode”.

 

ophcrack-usb

6. OS will load.

7. At start up, you will get some screen as below.

Ophcrack

The column of “NT Pwd” shows the password of the respective user. This is also very effective way of cracking password, but it is time consuming (depends on processor and RAM).

Other tools for cracking password are: Offline Password Cracker SAM inside

3. Via CMD net user= this command gives us the privilege to change the password of any account. Go to run (Win key+r) Type cmd and press enter CMD window will be prompted   Type into command line: “net users” and press enter. You will be able to see all the user accounts on the system.

cmd net

Then, on the next command you have to type “net users NameOfUserAccount” , press enter This command shows you all the possible details of that account(not needed, you may skip this step) .

cmd net name

At last, type in “net users NameOfUserAccount *” press enter You will be prompted for new password (type anything you want, password will not be shown, it is hidden, so be careful what you type) just confirm the password entered and that’s it, you’ve changed the access password.

You may also keep password blank if you want!

cmd complete

In windows 7/8, you may face access denied problem because of administrator privileges.

cmd admin

So first of all what you need to do is take admin rights For that follow the steps below, Go to Control panel

cp

Then User accounts In that click on “Change User Account control settings”.

cp 1

By default it will be as shown below:

cp 2

Change it to “Never Notify” Block AND click OK.

cp 3

Your problem is resolved, follow the steps mentioned above for making changes.

Difference in password changing schemes for XP & 7/8:

By default, when you personally install XP in your system, you are the admin where as in 7/8 you are a local user(it shows you admin, but you are not) So, in XP you can easily change password using net users, where as in 7/8 you got to spend some time taking administrator privileges on your account.

In 7/8: You also might have noticed that when you try to install something, you are prompted with a dialogue box asking for your confirmation.

download

Also, With some tweaks and practice over cmd and windows, you would be able to create a backdoor to enter into any system, change its password, etc etc.  Hope you enjoyed the content and also it might have helped.

Now, I would like to leave the rest on you. If you have got any queries or better suggestions for the same, you can ping me anytime here in the form of comments.

Have an awesome cracking time ahead. :)

 

4 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.