PDA

View Full Version : Reset Lost Windows Admin Passwords



hal8000
01-16-2009, 10:11 AM
Heres a small script I wrote that auto detects if Vista or XP is in Use. It then mounts the partition
and runs chntpw in interactive mode. If dual boot i.e. Vista and XP are in use, it detects both OS's
giving the option to reset or quit.
You can copy the lines inssert the file onto a usb drive. Next time you use knoppix 5.11 or 5.31
install chntpw first:
apt-get update
apt-get install chntpw

Use the script at your own risk, theres always an element of piracy hence the warning message.

#!/bin/sh
#password reset for XP/Vista run as sudo or kdesu
#
#
clear
echo -e "\E[32m Reset Password Utility for XP and Vista"
echo
echo
echo
for i in hda1 hda2 hda3 hda4 hdb1 hdb2 hdb3 hdb4 sda1 sda2 sda3 sda4 sdb1 sdb2 sdb3 sdb4
do
mkdir /media/$i 2>/dev/null
mount /dev/$i /media/$i 2>/dev/null
# Detect WinXP
if [ -e /media/$i/boot.ini ]; then
echo -e "\E[37m Windows XP detected on /dev/$i"
echo
echo -e "\E[33m Warning:";echo -e "\E[31m Please ensure you have a reasonable guarantee from the customer that
this computer is owned by them before proceeding."
echo -e "\E[32m "
echo
sleep 6
chntpw -i /media/$i/WINDOWS/system32/config/SAM
umount /media/$i
fi
# Detect Vista
clear
if [ -e /media/$i/Users ]; then
echo -e "\E[36m Windows Vista detected on /dev/$i"
echo
echo -e "\E[33m Warning:";echo -e "\E[31m Please ensure you have a reasonable guarantee from the customer that
this computer is owned by them before proceeding."
echo -e "\E[36m "
echo
echo
sleep 6
chntpw -i /media/$i/Windows/System32/config/SAM
umount /media/$i
fi
if [ $i == sdb4 ] && [ -e /media/$i/Users -o -e /media/$i/boot.ini ]; then
echo -e "\E[36m No Operating System detected"
sleep 4
fi
done

Harry Kuhman
01-17-2009, 06:39 PM
Anyone considering doing this should understand that this writes to your NTFS partition with Knoppix. Some people think this is safe. Other people report problems with it, including completely destroying their data.

hal8000
01-17-2009, 11:51 PM
Anyone considering doing this should understand that this writes to your your NTFS partition with Knoppix. Some people think this is safe. Other people report problems with it, including completely destroying their data.

Yes, good point. With knoppix 5.1.1 which uses kernel 2.4.19 a warning does appear about upgrading to a kernel 2.6.20 or higher when using ntfsprogs. Personally I've never lost data on an NTFS partition using linux, even with the earlier Captive program on a 2.4.xx kernel, but have lost plenty of data with windows. Knoppix 5.3.1 uses kernel 2.4.24 but there is always a small element of risk.
Even the chntpw program suggests not changing a password but just blanking it. The above script should therefore be used at your own risk, as stated previously.

chip.ling
01-18-2009, 04:15 AM
I'm among those lucky one which never lost any data when writing to ntfs.

I double check on my knoppix 5.1.1, it runs kernel 2.6.19.

Just curious, on your shell script, the /dev/$i is mounted as read-only. So does that mean that the program chntpw still be able to write to the mount point /media/$i?

Rgds,
Chip

hal8000
01-25-2009, 05:30 PM
I'm among those lucky one which never lost any data when writing to ntfs.

I double check on my knoppix 5.1.1, it runs kernel 2.6.19.

Just curious, on your shell script, the /dev/$i is mounted as read-only. So does that mean that the program chntpw still be able to write to the mount point /media/$i?

Rgds,
Chip

Hi Chip,
Sorry wrote this using knoppix 5.3.1 which uses ntfs-3g as default and therefore mouting ntfs partitions are rw.
Forr knoppix 5.1.1 install ntfs-3g

and change the following line

mount /dev/$i /media/$i 2>/dev/null

to read

mount -rw /dev$i /media$i 2>dev/null

this should mount all partitions with rw access.