FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Changing Any Password On XP

Ever go to get on a computer and the user is logged out, and you don't know the windows password? Or do you have some access, but not access to a users private files, and you want access to those files?

This quick tutorial will show you the steps to change and reset any user password on a windows computer, and also show you how to protect your computer from people doing this to you!


CHANGE/RESET PASSWORD FOR ANY USERNAME

  1. Reboot the computer
  2. Right after the bios is finished, hit F8 (or F2,10,12)
  3. Select 'Safe mode' or 'Safe mode with networking support'
  4. Windows will boot up to the logon screen. Click administrator, 9/10 there is no password.
  5. Do, Start->Run->type 'command'
  6. At the prompt, type 'net user' which will display a list of usernames. Find the one you are looking for, try 'net user username' for them all. Type 'net user /HELP' for more info.
  7. To reset the password type 'net user username *' where username is the username you want to reset.
  8. For no password, leave blank.
  9. Now, reboot and you can login as that user.

Just a side note, if you cannot login to a network resource anymore, just login physically and unlock the account with net user username /ACTIVE

SECURING YOURSELF FROM THIS METHOD

  1. Log into your account (must have admin rights)
  2. Get to a command prompt and type 'net user username *' where username is Administrator, or the renamed administrator account.
  3. Give administrator a STRONG password.

I never use windows, but when I do, I re-install the OS on a clean harddrive, and take steps to secure it before I connect it to the net for windows and antivirus upgrades.

One of the first things I do is give the Administrator a password. I also disable the guest account, and give the guest username a password.

Next I uninstall all networking components except TCP/IP. Next I disable netbios in the TCP/IP component settings.

Then I disable some services from running, use 'net user username /DELETE' to delete the "SUPPORT" and helpdesk usernames totally, and do a bunch of other stuff.

Caveats: If you are on a pc that does not allow you to boot into safe mode, you can get around this. They aren't disabling the safe mode from the OS, they are just not allowing it from startup by pressing a function key. All you need to do is reboot, and then when windows is still loading, before the login screen, turn off the computer by holding down the power button for 5 seconds. Then turn it back on and you should have safe mode available. You can try this at many different stages to get to a safe mode.

If you have administrator rights, you can modify your boot.ini file to automatically boot into safe mode, or, preferably, you can modify your boot.ini file to give you a choice of booting into safe mode every single time you reboot. I have a custom boot.ini on every windows I run.

You could also use a linux "live cd" such as knoppix to edit your boot.ini file. But if you are going to do that, why not just use a live cd to reset the password, or retrieve the hashes and crack them with saminside?

See available boot.ini switch options at microsoft support boot.ini switch options

This is meant to be for beginners so don't give me any grief for how easy or simple this is. Not all of us even use windows. Questions/Comments welcome.

Hacking

 

 

Comments