Cracking the startup password summary of WINDOWS 2000/NT/XP

It’s been a long time since I came to the coastline. I’ve been asking questions, I haven’t given any valuable dedication. I’m always a little overwhelmed. Here are some experiences and experiences based on the usual experience. Summarize the cracking problem of the Windows startup password, I hope to help everyone.

Because these three systems are all NT kernels, so I will explain the problem together. All methods of cracking 2000/NT passwords are applicable (NT is less used, please correct me if there is any error), and crack XP password now. One way is feasible. Ok, now I know and hear about the cracking methods:

1.Using the administrator's empty password, some articles can enter the safe mode with commands, add users with the net command, and then join the administrator. group. Trouble, it is better to use the safe mode directly. After the safe mode is started, press CTRL+ALT+DEL twice to skip the account selection interface and enter the account password input mode interface. Enter the Administrator user to enter the car. Slowly change it in the control panel;

2. There is a saying: use DOS, or have dual system or multiple systems, enter WINNTCONFIG (2000/NT) or WINDOWSsystem32config (XP) under the system drive letter Delete the SAM file, the system will be able to log in to the Administrator with a blank password. I tell you that this method is absolutely useful under 2000. If it is XP, it will not work. After the deletion, XP will not start. You have to reinstall the system.

3 There is also a saying: XP system will directly get the command mode with administrator rights if it is installed with 2000 system disk, but in this case, you can not call the net command to add users, it is useless, it can only be deleted. File only. It is better to use DOS.

4. Use special cracking software to modify the password, such as ntpasswd this software, you can modify the Administrator password, but to do the boot floppy, no floppy drive can not be used.

The name is valid for WINNT/2000/XP, but I have tried it, but I can't pass it under XP.

One, installation method:

After decompression, there are two files: ntpasswd.exe and readme.txt, first run ntpasswd.exe, then enter the password as prompted: doshome.com, and finally insert A floppy disk, OK, waiting for installation... ready to use after installation.

Second, use:

1, start the computer with this floppy disk installed, it has a few lines of English prompts, to the effect that it can change the password of various users (including Administrator) User), has been tested on NT3.51, NT4 Workstation/Server, Windows2000 Professional and Server RC2 (but does not include Windows2000 Active Directory Server), press Enter to continue.

2, after the carriage return system prompts:

Do you have you NT disks on a SCSI controller? (Do you have a SCSI hard drive)

y-this will autoprobe for The driver (select Y automatic detection)

n-no,skip SCSI,I have IDE drivers (select N, skip SCSI, I only have IDE hard disk.)

Select N after system column Out of all possible NT partitions, then prompted:

What partition contains your NT installation? (Which partition is your NT installed in)

The default is [/dev/hda1], That is the first hard disk partition found. Because my Windows 2000 is installed in the first partition of the hard disk, I will directly press Enter to process it according to its default value.

At this time, the system prompts:

Select what you want to do: (select the operation you want to do)

1. Set passwords [default] (set password [ ,null,null,3],Default])

2.Edit registry

Select:[1]

After selecting 1 the system prompts:

What is The full path to the registry directory? (what is the full path of the registry directory)

The default is [winnt/system32/config]

The system lists a lot of winnt after the carriage return Files in the /system32/config directory, then prompt:

Which hive(files) do you want to edit(leave default for password setting,separate multiple names with spaces)

[sam system Security]:

The general idea is to ask which file you want to edit, generally by default, you can press Enter.

At this time, a large section of English information will appear on the screen, ignore it.

The last line is:

Do you really wish to disable SYSKEY(y/n)[n] (Do you really want to disable SYSKEY?)

The default value is n, generally you can return.

At this point, the system prompts:

Username to change(! to quit,. to list users):[Administrator](user name to change password, !, exit, list all Username, default is Administrator user)

After carriage return, the system prompts:

Please enter new password or nothing to leave unchanged. (Please enter a new password, do not enter to change the password)

Enter a new password at this time, after the carriage return, the system prompts:

Do you really wish to change it (y/n)[n] (Do you really want to change the password? ?)

After selecting y, the system returns to Username to change(!to quit,. to list users):[Administrator], you can continue to change the password of other users, and finally press "!" The key exits.

At this point, the system lists the users who have changed their passwords, and then prompts:

Write hive files?(y/n)[n]:(Write files?)

After selecting y, the system exits to the # prompt. At this point, restart the computer and you can log in with the new password.

The above method was tested on Windows2000 Simplified Chinese Professional Edition (SP2), Windows2000 Simplified Chinese Server Edition (SP2), Windows 2000 Simplified Chinese Advanced Server Edition (SP2), and Windows NT SERVER 3.51 Chinese version. But it is invalid for XP. After testing, you can see the user, the interface can be changed, but the password cannot be changed, the password result will not change!

5. The last way to deal with XP: If you have WindowsKey on hand The software can solve the problem. The software is included in the Passware Kit 6.0 (latest version), used to restore the system administrator's password, after running to generate three files: txtsetup.oem, winkey.sys and winkey.inf, the three files are only 50KB, short and fine. Put these three files on any floppy disk (U disk is also OK), then use the XP installation CD to start the computer. Press F6 during the boot process to let the system install the third-party driver. At this point, it is the best time for us to cut in. Putting the floppy disk will automatically jump to the Windows Key interface. It will force the password of the Administrator to "12345", which will solve the problem of forgetting the Windows XP login password. Also valid for 2000 and NT.

Software download address: http://www.lostpassword.com/windows-xp-2000-nt.htm

Okay, the way I finished, I know so much, maybe In the end, some people will say that I am so forgetful, yes, what is not as simple as reinstalling the system is easy. ^_^