Sometimes, we forget our password & we want to reset it. It can be done
in many ways. I once used Kali Linux to crack the password of my friend’s
pc. Today, I’ll tell how I did it. It requires
chntpw tool in Kali to
modify SAM hashes. Without going into more details about it, let’s
start with just the steps.
Download Kali Linux ISO and burn on a CD/DVD or flash it to a flash drive to make it a bootable USB.
From Boot menu -> Select Live (Forensic Mode) to launch the OS without actually installing it on to the hard drive.
Enter the default username as root and password as toor when prompted.
Almost of all the Windows OS versions, passwords are saved in SAM or the Secure Account Manager.
This file is usually located in
/Windows/System32/config. Navigate to the folder using terminal by typing
cd /media/"hard-drive name"/Windows/System32/config
After navigating to the config folder hit
ls -l SAM* to list out the SAM files.
Now we are using chntpw tool in Kali to make changes to SAM. Hit
chntpw -l SAM.
It lists out all the usernames found in the SAM on the host Windows OS.
chntpw -u "username" SAM. Replace the
"username" with the username to reset.
You’ll be then prompted with four different option. So now you can press 1 for clearing the previously set Windows password. Then suspend the Kali session and try logging in into the victim Windows OS with usually don’t prompt any password!
That’s all. Hope, you find this cool on how to reset password of any version of Windows.