Header Ads

How to break the Windows 7 Administrator Password Using Windows Installation DVD

First of all, I must keep mind this post is for the educational purposes only. So If you do any Bad this using this tutorials, you must get the responsibility. OK Guys, Windows store their password on the SAM File Which is Store in "C:\Windows\System32\config". But directly we can't edit this file using note pad or some editing application. Even we can't copy the SAM file s when we in Windows operating system. Because this file was encrypted. so if we can open file we can't read the password. because we can't see password that file we can see only the Hashes of the passwords.


SAM file in "C:\Windows\System32\config"

So we are in huge trouble. now how to crack the Windows password? so we need to crack the hashes?? No.... Because We can't crack the hashes. Because the only way to crack the hashes is brute force the Hashes or Crack the hashes using rainbow tables. these two methods need lot of time to crack the password.  

What is Brute-force attack?

In cryptography, a brute-force attack, or exhaustive key search, is a cryptanalytic attack that can, in theory, be used against any encrypted data (except for data encrypted in an information-theoretically secure manner). Such an attack might be used when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It consists of systematically checking all possible keys or passwords until the correct one is found. In the worst case, this would involve traversing the entire search space.

What is Rainbow table attack?

A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a plaintext password up to a certain length consisting of a limited set of characters. It is a practical example of a space/time trade-off, using less computer processing time and more storage than a brute-force attack which calculates a hash on every attempt, but more processing time and less storage than a simple lookup table with one entry per hash. Use of a key derivation function that employs a salt makes this attack infeasible.

So I think you can understand why these those methods need more time. we can access these files Using " Net User command and using commands we can reset the password.  But Now we can't access the PC. As well as we need to Administrative Privilege to  run this code. So we can't simply log in to non administrative account and break the Admin account password. 

So now we can understand, we can't crack the password with install Windows OS. So we need some OS which can be run live. Like UBUNTU Live CD. But we can not crack the password using UBUNTU CD. In that case we need to find windows base live CD. Because we need to access The command prompt.

Hirens Boot CD Is the good windows base live OS and which has great tools. But now haven't that CD. So now we have big rush to break the password. So we have no time to download the Hirens boot CD.

But every computer technician has the Windows installation DVD always. I think at least you have a windows DVD. :P OK Now The Work Begin. Insert the Windows DVD in to your DVD Drive and boot the system using Windows installation DVD.


Now appear this screen and click net to go forward. before do that check that the language, time, and keyboard options work for you and then click on the Next button.


Once again you're at the Install Windows screen with the Windows 7 logo, only this time you have an Install now button and some options at the bottom.

Click on the Repair your computer link, right above the Microsoft copyright note at the bottom of the screen.


After that Wait While Your Windows 7 Installation is Found...


Now Note Your Windows Location & Click Next.

After that Choose Command Prompt.



Now Command prompt window will appear. Now we need to find users in this PC. Now Type fallowing code in the command prompt to view users in computer.





In this PC have two user accounts.

Now to reset the password just type the following command, replacing the username and password with the combination you want. now I'm  going to reset the password of the "Administrator" account.




if the code run Successfully you can see above screen with the "The command completed successfully."


according to above code my new password is "123456" for the administrator account. replace your password with "123456" and username.

If your doing this with some people, if you need to hide the password form them. you can use astric to hide the password which you typing.




After that type your password twice. After that you will get the message command was successful.



If you have any problem. feel free to comment below. I will give your solution to fix your problem. 


No comments

Powered by Blogger.