Tips and tips for cracking xp power-on passwords

The secret and tips for cracking xp boot password

Tips 1: We know that the password of WindowsXP is stored in the SAM file under the window/system32/config/

where the system is located, SAM The file is the account password database file. When we log in to the system, the system will automatically check with SAM in Config. If you find that the password and username are all in accordance with the encrypted data in the SAM file, you will be able to log in successfully; if you are wrong, you will not be able to log in. In this case, our first method is created: delete the SAM file to recover the password.

If you don't care about any account that is included in the system card, and you have two operating systems, you can use another operating system that can access NTFS to start the computer, or you can use it without installing two systems. Other tools to access NTFS. Then delete the SAM file in the C:window/system32/config/

directory and restart it. At this time, the administrator Administrator account has no password. Of course, it is a good idea to remove the hard drive and switch to another machine to delete the SAM file.

Small Tip: The security management of user accounts in Windows NT/2000/XP uses the security account manager (SAM) mechanism. The security account manager manages accounts by security identification. The security ID is created at the same time when the account is created. Once the account is deleted, the security ID is also deleted. The security identity is unique, and even with the same username, the security identity obtained each time it is created is completely different. Therefore, once an account is deleted, its security identity no longer exists. That is, if the account is rebuilt using the same username, it will be given a different security identity and will not retain the original permissions.

The specific performance of the Security Account Manager is the %SystemRoot%system32configsam file. The SAM file is the Windows NT/2000/XP user account database, all users' login names and passwords and other related information.

Tips 2: Use Off1ine NT Password & Registry Editor. With this software, you can make a Linux boot disk. This boot disk can access the NTFS file system, so it can support Windows2000/XP very well. Using one of the floppy disks, Ntpasswd, which runs on Linux, solves the problem. And you can read the registry and rewrite the account password. The method used is very simple, just follow the prompts after startup to do it step by step. Here, it is recommended that you use the quick mode, which will list the user's password for the user to choose to modify. By default, the user of the Admin group is automatically found to replace the Administrator's name. This is very convenient.

Title 3: Use Windows Key 5.0. The software is included in PasswareKit5.0, used to restore the system administrator's password. After running, it generates 3 files: txtsetup.oem.winkey.sys and winkey.inf. The three files are only 50KB in total, short and fine. Put these 3 files on any floppy disk, then use the XP installation CD to start the computer. Press F6 during the boot process to let the system install the third-party driver. At this point, it is the best time for us to cut in. Putting the floppy disk will automatically jump to the WindowsKey interface. It will force the Administrator's password to be changed to \\"12345\\", so what's the big deal? Hehe! When you restart, you will be asked to change your password again.

Title 4: Use NTFS DOS, a tool that can write NTFS partitions from DOS. Use this software to make a DOS boot disk, then to C; WinntSystem32 rename the screen saver logon.scr, then copy command.com to C:Winntsystem32 (2000 can use cmd.exe), and rename the file to logon .scr. After waiting for 5 minutes to start the machine, the screen saver that should have appeared now becomes the command line mode, and it has the Administrator privilege, through which you can change the password or add a new administrator account. Don't forget to change the name of the screen saver back after the change. Download address: http: /www.cgsecurity.org/index.html?

Tips 5: Here's a more unusual approach. You can install another XP on other partitions. The hard disk partition format should be the same as the original one, and please be careful not to install the same partition with the original XP! Before starting, be sure to back up the boot area MBR (Master Boot). Record). There are many ways to back up MBR, you can program it yourself, or use tool software, such as anti-virus software KV3000. After installing it, log in with Administrator. Now you have absolute write access to the original XP. You can copy the original SAM and use lOphtcrack to get the original password. You can also overwrite all files under the newly installed XP Winnt System32Config to the CWinntSystem32Config directory (assuming the original XP is installed here), and then use the KV3000 to restore the previously backed up main boot area MBR. Now you can log in as Administrator. XP is out.

Tip: MBR is commonly known as \\"main boot area\\", its role is to read the active partition (Active Partition) set in the partition table (Partition Table), located in the hard disk column The position of face 0, head 0, sector 1 is also the position of your 0 track. It is generated by the partition command fdisk. The MBR consists of a hard disk bootloader and a partition table. The MBR end flag is 55AA, which can be viewed with the F6 function of the anti-virus software KV3000. The default screen is MBR. If the MBR cannot find the active partition, it will display an error message like Missing operating System on the screen, so if your Windows XP does not open properly. And you see an error message like this on the screen, mostly because it is here.