Saturday, January 12, 2008

Reset Admin Password

Reset the Administrator Password

There are a number of techniques that you can use to reset the local administrators password. While these techniques provide a way to circumnavigate any security that has been placed on the machine, it proves the adage that if someone can get physical access to a machine you have no security.
The aim of this blog is to provide techniques that don't need any third party tools or downloads from the Internet.
You may have to try more than one of these to get access.

Windows 2000/XP Technique One
Requirements:
Windows 2000/XP CD-ROM
The machine must support bootable CD-ROM
Modify the BIOS so that the machine boots from the CD-ROM.
Load the Windows 2000/XP disk and boot the machine.
Move through the boot process until you reach the option to install or repair. Choose repair.
Allow the install to begin and copy files across.
For Windows 2000 wait until it is registering components then press shift F10 to open a command prompt.For Windows XP, once it has rebooted and wait until it is "Installing devices", press Shift and F10 to open a command prompt.
If you are using Windows 2000, enter the command "control.exe" (minus quotes) to open the control panel. In Windows XP type in "nusrmgr.cpl" (again minus quotes), which will open the user control panel.
Use the tools to reset the passwords as required. Once complete, close the control panel applets you have open and type exit to close the command prompt window.
Allow the repair to complete as normal.
Note, various sources have indicated that you have to choose install instead of repair to allow this process to complete. This may vary depending on the age of your Windows CD that you are using. Try it with repair first, then attempt it with install if that technique doesn't work.

Windows NT, 2000, XP Technique 2
Requirements
Windows 98SE Startup Disk
File system is FAT16 or FAT32
Boot the computer using your Windows 98 Startup disk.
Change directories to C:\Winnt\System32 or C:\Windows\system32
Rename the file "logon.scr" to "logon.old" (command: "Ren logon.scr logon.old") (all minus quotes)
Copy the file "cmd.exe" to "logon.scr" (command: Copy cmd.exe logon.scr)
Remove the Windows 98 Startup disk and reboot.
Once the machine has come back up, leave it at the login prompt. Don't touch anything on the machine (mouse or keyboard) and wait for the screensaver to cut in.
Instead of default "logon" screen saver starting, the command prompt should appear.
For Windows NT type “MUSRMGR” minus the quotes to start User Manager.For Windows 2000 type the command "control.exe" (minus quotes) to open the control panel. For Windows XP type in "nusrmgr.cpl" (again minus quotes), which will open the user control panel.
Change the passwords as required and then close the tools you have used, along with any control panel applet also in use.
Copy the old login screensave (logon.old) back to logon.scr (command: Copy logon.old logon.scr)
Type “Exit” (minus quotes) to close the command prompt.
You should now be able to login to the machine as administrator using the new password.
Windows NT, 2000, XP Technique 2a
If the file system on the machine you need to use is NTFS, then you will need another machine.
Remove your hard disk from the machine and connect it to another machine that support NTFS. It doesn't have to be the same operating system. If you need to get in to Windows 2000 machine and only have an NT4 system to connect the drive to, then make sure that the NT4 machine is running Service Pack 5 or higher installed so that it can read the newer version of NTFS. It is actually better to use the highest operating system possible (Windows XP) as this can read all of the older versions.
Once you have booted in to the existing operating system, follow steps 3 and 4 from the above technique, instead changing files on the other hard disk. Once you have changed the files, put the hard disk back in the existing machine and then complete the steps from 6 onwards.

Windows NT, 2000, XP Technique 2b
You could also use a variation of this technique using a parallel installation of Windows. However this can cause a mess and is only advised if you want to rescue the data and then will wipe and reinstall the operating system and your applications