How to Change a Windows User Password Using Backtrack 4

Locked out of your computer? Wanna hack one of your friends? Can't access an old Windows user account? Then this is the article for you!

Steps

  1. Image titled Change a Windows User Password Using Backtrack 4 Step 1
    1
    Boot Backtrack 4 in your computer.
  2. Image titled Change a Windows User Password Using Backtrack 4 Step 2
    2
    Once Backtrack is done loading and the select menu is visible, pick "Start Backtrack Frame Buffer (1024X768)".
  3. Image titled Change a Windows User Password Using Backtrack 4 Step 3
    3
    Once you're allowed to type in commands, type in "startx".
  4. Image titled Change a Windows User Password Using Backtrack 4 Step 4
    4
    Once the GUI is visible, go to start(Lower-left corner) Backtrack >> Privilege Escalation >> PasswordAttacks >> Chntpw, opening the Chntpw terminal. (If it shows error "No such files or directory" check correct path to Chntpw executable in File manager).
  5. Image titled Change a Windows User Password Using Backtrack 4 Step 5
    5
    Now inside backtrack, you need to find the file path to a file called SAM, usually under 'Windows/System32/config/SAM'. We will first mount the windows partition first, so that we can access windows directory.
  6. Image titled Change a Windows User Password Using Backtrack 4 Step 6
    6
    Type in the following commands in shell console
    "mkdir /mnt/sda1" and press Enter
    Type again "mount -t ntfs /dev/sda1 /mnt/sda1" and press Enter.
  7. Image titled Change a Windows User Password Using Backtrack 4 Step 7
    7
    Now in the shell console type in "/pentest/passwords//chntpw/chntpw -i <SAMFILEPATH>"
    Example in this case:
    "/pentest/passwords//chntpw/chntpw -i /Windows/System32/config/SAM". (Note: Windows path should be case sensitive). This will load SAM in chntpw.
  8. Image titled Change a Windows User Password Using Backtrack 4 Step 8
    8
    Type in 1. "Edit user data and passwords". It will display all username of Windows partition.
  9. Image titled Change a Windows User Password Using Backtrack 4 Step 9
    9
    Type in the username of the Windows account you want to change the password in.
  10. Image titled Change a Windows User Password Using Backtrack 4 Step 10
    10
    Type in 1 to clear the password and press Enter. You can also type in 2 to edit it.
  11. Image titled Change a Windows User Password Using Backtrack 4 Step 11
    11
    Once done, type in the username of the Windows account you changed or cleared the password on and Type in 4. "To unlock account" and press Enter. This will unlock the account and enable it for using.
  12. Image titled Change a Windows User Password Using Backtrack 4 Step 12
    12
    Type in "!" and press Enter to return to main menu of chntpw.
  13. Image titled Change a Windows User Password Using Backtrack 4 Step 13
    13
    Type in"q" and press Enter to quit chntpw.
  14. Image titled Change a Windows User Password Using Backtrack 4 Step 14
    14
    Chntpw will confirm about the changes you made to SAM. Type "y" and press Enter to Write hive files.
  15. Image titled Change a Windows User Password Using Backtrack 4 Step 15
    15
    Done! Logout and Close Backtrack 4 and restart Windows!

Tips

  • If this sounds complicated, search for a video tutorial.

Warnings

  • Do NOT use this method on anyone else computer but your own.
  • Please notice that Backtrack is not very stable and can mess up your computer. Do this at your own risk!

Things You'll Need

  • Way to boot Backtrack 4 (Disc, USB, etc)

Article Info

Categories: Hacks | Software