SOHO : Small Office Home Office
Freeware - Opensource software tips, tricks, tweaks & fixes for managing, securing, improving the performance of SOHO Desktop, Laptop, Networks

Friday, January 28, 2011

Changing windows passwords with Linux and CHNTPW + video tutorial

How to reset a Windows passwords, using Linux

You may need to reset an admin or user password in windows for many reasons, such as you've forgotten it or you have been given a Windows system that you need to repair and don't have access to the admin password.  Thankfully it couldn't be easier with a Linux system, and a package called chntpw.

Chntpw is a program designed to overwrite Windows NT/2000 SAM passwords


It is pretty easy to use and can be found and installed using aptitude ($ sudo apt-get install chntpw ) if your using debian based system, and is more than likely in other distributions package manager.  However you can download it from http://home.eunet.no/~pnordahl/ntpasswd/  

It can only be used on local machine and cannot be used on a remote machine.  The NT system needs to be offline (turned off) and there are many security distributions that you can use to boot up in a liveCD mode, mount the windows drive and reset passwords.  However i'm just going to use my normal install, and i'm going to mount the Windows drive via a USB caddy.

First you need to mount the drive

Then you need to locate SAM file which for Windows 2000 and XP is normally located at windows/system32/config or winnt/system32/config.  When you navigate there you should find a number of files like SAM, SYSTEM, SECURITY

Once you have located the SAM you can start using chntpw.

chntpw -h

The above will give you a list of options for chntpw

#chntpw help and usage 

chntpw version 0.99.3 040818, (c) Petter N Hagen
chntpw: change password of a user in a NT SAM file, or invoke registry editor.
chntpw [OPTIONS] <samfile> [systemfile] [securityfile] [otherreghive] [...]
 -h          This message
 -u <user>   Username to change, Administrator is default
 -l          list all users in SAM file
 -i          Interactive. List users (as -l) then ask for username to change
 -e          Registry editor. Now with full write support!
 -d          Enter buffer debugger instead (hex editor), 
 -t          Trace. Show hexdump of structs/segments. (deprecated debug function)
 -v          Be a little more verbose (for debuging)
 -L          Write names of changed files to /tmp/changed
 -N          No allocation mode. Only (old style) same length overwrites possible
See readme file on how to extract/read/write the NT's SAM file
if it's on an NTFS partition!
Source/binary freely distributable. See README/COPYING for details
NOTE: This program is somewhat hackish! You are on your own!

#END

So you can use 

chntpw -l SAM

This will list all the users on in the SAM file

chntpw SAM

The above will automatically change the administrator account 

chntpw -u USERNAME SAM

The above will change a specific username password

Once you have done unmount the drive and load the Windows system the password should be changed to whatever you changed it to.


Edit : Video tutorial created by Kris



You will find many more interesting videos by Kriss on his web site : http://www.filmsbykris.com
Continue Reading...