During Windows XP installation, setup first logs on with the default "Administrator" account and then asks you to create a new account. From then on you log on to Windows XP with this new account, and the Windows XP logon screen shows only the accounts that were created, not "Administrator". In fact, the "Administrator" account still exists, and its password is empty.
Knowing this, if you forget your password, go to the logon screen, hold down Ctrl + Alt and press the Del key twice to bring up the classic logon dialog. Type the user name "administrator", leave the password empty and log on, after which the password of "zhangbp" can be reset.
Method 2 - Windows XP makes this very easy. If you are a forgetful person, then when you set a password for the first time you can also create a Windows XP password reset disk for the account, so that you do not have to worry about formatting the hard disk.
Open "User Accounts" in the "Control Panel" and select your account to enter its control page, as shown in the figure. The task list on the left contains "Prevent a forgotten password"; click it to open the "Forgotten Password Wizard". The wizard prompts you to insert a blank, formatted disk and, during the operation, asks you to enter the password the account currently uses. This quickly creates a password reset disk.
If the "Welcome Screen" logon is not in use, log on to Windows XP and press the "Ctrl + Alt + Del" key combination to bring up the "Windows Security" window, then click the "Change Password" button to open the Change Password window. This window lets you back up the current user's password: click the "Backup" button in the lower left corner to start the "Forgotten Password Wizard" and follow the prompts to create a password reset disk.
If you enter a wrong password in the Windows XP logon window, a "Login Failed" window pops up. If you do not remember your password, click the "Reset" button to start the Password Reset Wizard; with the password reset disk you created earlier you can reset your password and log on to Windows XP.
Creating a "password reset disk" carries a certain risk, because anyone who holds it can log on to Windows XP as that user account and do everything that user can do. The "password reset disk" must therefore be kept in a safe place to prevent loss or disclosure.
Method 3 - Remove the SAM file (note that this method applies only to Windows 2000)
Windows NT/2000/XP uses the Security Account Manager (SAM) mechanism, which manages user accounts through security identifiers. The security identifier is created at the same time as the account, and once the account is deleted the security identifier is deleted too. Security identifiers are unique: even with the same user name, the security identifier is completely different each time the account is created. Therefore, if an account is recreated under the same user name, it is given a different security identifier and does not retain its original permissions. The Security Account Manager takes concrete form in the file %SystemRoot%\system32\config\sam. The SAM file is the Windows NT/2000/XP user account database; the logon names, passwords and other related information of all users are stored in this file.
Knowing this, a solution suggests itself: delete the SAM file and boot the system, and it will rebuild a clean and innocent SAM, which naturally has no passwords.
However, this simple method does not work on XP; Microsoft may have treated it as a bug ...... On XP, even if you remove the SAM you still cannot remove the password. Instead the system hits an initialization error at startup and falls into an endless loop, so you cannot get into the system at all!
Method 3 - Find the password from the SAM file (prerequisite ...... using the DOS command line)
Before the system starts, insert a boot disk, go to C:\WINNT\System32\Config and copy the SAM file to a floppy disk with the COPY command. Read it on another machine. The tool needed here is LC4: run LC4, create a new task, then choose "Import → Import from SAM file" and open the SAM file to be cracked. LC4 automatically analyzes the file and displays the user names in it; then choose "Session → Start Audit" to start cracking the password. If the password is not very complex, you will get a result in a very short time.
However, if the password is complex and cracking takes a long time, we need to use the following method.
Method 4 - Replace with another SAM file (provided you can get another computer's SAM file and password ...... I personally feel that this is the most viable option)
1 - As mentioned above, the SAM file stores the logon names and passwords, so replacing the SAM file replaces the logon names and passwords. However, the hard disk partition format of the "source" system whose SAM file you take must be the same as that of your system (FAT32 or NTFS; confirm this yourself). Ideally the "source" system has no password set and its security settings left untouched (as a matter of fact, most PCs are like this). Of course, the safer way is to copy all the files under the [WinNT\System32\Config] directory of the source XP system over your [C:\WinNT\System32\Config] directory (assuming your XP is installed on the default C partition :).
2 - If you cannot get help from others (I mean "Wan A"), install another XP system on a different partition that has the same format as the original hard disk partition; take care not to install it on the same partition as the original XP! Before you start, be sure to back up the boot sector (MBR); there are many ways to back up the MBR, for example the Backup function of a tool such as the antivirus software KV3000. Log on to the new installation as administrator; you now have full write access to the original XP, so you can copy out the original SAM and use L0phtCrack to get the original password. Alternatively, copy all the files under WinNT\System32\Config of the new XP installation over the C:\WinNT\System32\Config directory (assuming the original XP is installed there), then restore the previously backed-up master boot record with KV3000, and you can log on to XP as administrator.
[I find plan #2 troublesome; plan #1, asking for help ...... is good]
[It is also reported that the SAM in the C:\windows\repair directory is the original version, which you can copy over the SAM under system32 to remove the current password, restoring the password to what it was when the system was first installed. If that password is empty, is it ......]
Method 5 - Use the Win 2000 installation CD to boot and repair the system (prerequisite ...... it's obvious, right? You have a Win 2000 installation CD-ROM)
Boot the computer from the Win 2000 installation CD-ROM. On the Windows 2000 setup selection screen choose to repair Windows 2000 (press R), then choose to repair using the Recovery Console (press C). The system scans for existing Windows 2000/XP installations. Usually there is only one operating system, so only one logon choice is listed (1: C:\Windows). Press 1 on the keyboard and then Enter. At this point the Windows XP operating system does not ask for an administrator password but logs directly on to the Recovery Console (a password is required if you boot from the Windows XP installation CD-ROM; the administrator password in that case is that of Administrator, the system's built-in administrator account). Those familiar with the Windows Recovery Console know that it allows system-level operations: copying, moving and deleting files, starting and stopping services, and even formatting, repartitioning and other destructive operations.
Tested using CD-ROM: integrated Windows 2000 Professional Simplified Chinese Edition SP3.
System tested: Windows XP Professional, patched with SP1 (FAT32 and NTFS file systems behave the same)
[Note that some Windows 2000 CD-ROMs on the market, for a variety of reasons, do not offer the Recovery Console logon option, so this vulnerability cannot be exploited with them. Also, since the Recovery Console mode itself is limited, the vulnerability cannot be exploited from a network; in other words, it is limited to a single machine.]
Method 6 - Use the NET command (two conditions are necessary for this to work: the partition where Windows XP is installed must use the FAT32 file system, and the user name does not contain characters)
We know that Windows XP provides the "net user" command, which can add and modify user account information. Its syntax is:
net user [username [password | *] [options]] [/domain]
net user username {password | *} /add [options] [/domain]
net user username [/delete] [/domain]
The meaning of each parameter is described in detail in Windows XP Help, so I will not go into it here. As an example, here are the steps to recover the forgotten password of the local user "zhangbq":
1, restart the computer and, as soon as the startup screen appears, press the F8 key and select "Safe Mode with Command Prompt".
2, when startup finishes, the system shows a selection menu listing the super-user "administrator" and the local user "zhangbq"; click "administrator" to enter command-line mode.
3, type the command "net user zhangbq 123456 /add" to force the password of user "zhangbq" to "123456". To add a new user instead (e.g. user name ABCDEF, password 123456), type "net user ABCDEF 123456 /add"; afterwards the command "net localgroup administrators ABCDEF /add" promotes the user to the system administration group "administrators", giving it super-user rights.
4, restart the computer and choose normal mode; you can now log on as user "zhangbq" with the password "123456". Alternatively, after logging on with the new user, go to [Control Panel] → [User Accounts] → select the user zhangbq whose password was forgotten, delete the password, and then select [] after [etc.]; at the logon screen the original user can then be selected and entered without a password (because it has been deleted). Finally, delete the new user: [Control Panel] → [User Accounts] → select [alanhkg888], then select [Delete account].
[However, it was noted after an experiment that a new user created from the command line in Safe Mode could not log on in Normal Mode (accepting that conclusion for the moment)]
Method 7 - Use password cracking software (provided you have a standard installation CD, not one of those multi-disc D-version "all-in-one" systems)
1 - Use Windows KEY 5.0 from PASSWARE KIT 5.0, which recovers the system administrator password. Running it generates three files: TXTSETUP.OEM, WINKEY.SYS and WINKEY.INF, 3 files ****50KB. Put these three files on any floppy disk, then boot the computer from the XP installation CD and press F6 during startup to load a third-party driver. This is the moment to insert the floppy disk; setup then jumps automatically to the Windows KEY interface. It forces the administrator password to be changed to 12345, and the result, no major hiccups? Ho-ho! When you reboot, you'll be asked for your password again.
2 - Use Offline NT Password & Registry Editor. This software generates a Linux boot disk that can access the NTFS file system, so it supports Windows 2000/XP well. Run from the floppy disk under Linux, the NTPASSWD tool can solve the problem: it can read the registry and rewrite the account. It is very easy to use; just follow the prompts step by step. We recommend the quick mode, which lists the users so that you can choose whose password to change. By default it selects the ADMIN group user and automatically finds the user name that replaced Administrator, which is very convenient.
3 - ERD Commander 2003. Windows administrators and end users may face a system crash at any time, and probably everyone has their own set of tools for rescuing data and repairing the system. ERD Commander can be seen as the most powerful component of Winternals Administrator's Pak, and one of its compelling features is password changing: on Windows NT/2000/XP/2003 systems, any user's password can be changed with ERD Commander without knowing the original password.
Method 8 - Screensaver (provided you have set up a screen saver)
You can use NTFSDOS, a utility that can write NTFS partitions from DOS. Use this software to create a DOS boot disk, then go to C:\WinNT\System32 and rename the screensaver logon.scr, then copy Command.com (CMD.EXE on Windows 2000) into C:\WinNT\System32 and rename that file to logon.scr. After this, start the machine and wait 15 minutes. What appears in place of the screensaver is a command line, but with administrator privileges, from which a new administrator account can be added or a password changed. Do not forget to change the name back to the original screensaver when you are done.
Method 9 - Use a startup script (prerequisite ...... using the DOS command line)
A Windows XP startup script is a batch file that runs on the computer before the logon screen appears; its function is similar to the automatic batch file AUTOEXEC.BAT in Windows 9x and DOS. Using this feature, you can write a batch file that resets the user's password and add it as a startup script, which accomplishes the goal. The steps are as follows (assuming the system directory is C:\Windows).
1. Boot the computer from a Windows 98 startup disk. In DOS, create a new file named a.bat containing a single "net user" command: "net user RWD 12345678". This sets the password of user RWD to "12345678" (for the usage of the net command, please refer to Windows Help). Then save the file a.bat in "C:\windows\system32\GroupPolicy\Machine\Scripts\Startup".
2. Write the startup/shutdown script configuration file scripts.ini; the name of this file is fixed and cannot be changed. The full text is as follows:
[Startup]
0CmdLine=a.bat
0Parameters=
3. Save the scripts.ini file in "C:\winnt\system32\GroupPolicy\Machine\Scripts". scripts.ini stores the computer's startup/shutdown script settings, and its content usually consists of two sections: [Startup] and [Shutdown]. The [Startup] section holds the startup script configuration and the [Shutdown] section holds the shutdown script configuration. Each script entry has two parts: the script name is stored in the XCmdLine key and its parameters in the XParameters key, where X is a script number starting at 0 that distinguishes multiple script entries and marks the order in which they run.
4. Remove the Windows 98 startup disk, restart the computer and wait for the startup script to run. After the script runs, the password of user RWD is reset to "12345678".
5. After logging on successfully, delete the two files created in the steps above.
[You can actually borrow someone else's computer, write a.bat and scripts.ini with "Notepad", and then copy them to your computer from a floppy disk under DOS]
Description:
The steps above assume the FAT32 file system. If you are using the NTFS file system, you can attach the hard disk as a slave disk to another computer that recognizes NTFS (for example one running Windows 2000 or Windows XP) and carry out the operation there. This method can recover the administrator password. It is equally effective for recovering Windows 2000 system passwords, for both local computer users and domain users.
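Because the scripts.ini format in Method 9 is so simple, an administrator can audit it for planted entries. The following is an added example, not part of the original article: it parses the [Startup]/[Shutdown] sections, pairs each XCmdLine with its XParameters in run order, and flags entries that change local accounts or are not on an allowlist. The sample file, the script bodies, the allowlist and all function names are constructed for illustration.

```python
import re

# Constructed sample: a scripts.ini in the format described above, plus the
# bodies of the batch files it references (as read from Scripts\Startup etc.).
SAMPLE_INI = """[Startup]
0CmdLine=a.bat
0Parameters=
1CmdLine=maplogs.cmd
1Parameters=/quiet
[Shutdown]
0CmdLine=cleanup.bat
0Parameters=
"""
SAMPLE_SCRIPTS = {"a.bat": "net user RWD 12345678",
                  "maplogs.cmd": "echo started >> C:\\logs\\boot.log",
                  "cleanup.bat": "del /q C:\\temp\\*.tmp"}

ENTRY = re.compile(r"^(\d+)(CmdLine|Parameters)\s*=\s*(.*)$", re.I)
# net user / net localgroup create accounts, reset passwords, grant admin
ACCOUNT_CMD = re.compile(r"\bnet1?(\.exe)?\s+(user|localgroup)\b", re.I)

def parse_scripts_ini(text):
    """Return {section: [(index, cmdline, parameters), ...]} in run order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.lstrip("\ufeff").strip()
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].capitalize(), {})
            continue
        m = ENTRY.match(line)
        if m and current is not None:  # keys outside a section are ignored
            entry = current.setdefault(int(m.group(1)),
                                       {"cmdline": "", "parameters": ""})
            entry[m.group(2).lower()] = m.group(3).strip()
    return {name: [(i, e["cmdline"], e["parameters"])
                   for i, e in sorted(entries.items())]
            for name, entries in sections.items()}

def audit(ini_text, script_bodies, allowlist):
    """Flag entries that touch local accounts or are not approved scripts."""
    findings = []
    for section, entries in parse_scripts_ini(ini_text).items():
        for idx, cmd, params in entries:
            body = script_bodies.get(cmd.lower(), "")
            if ACCOUNT_CMD.search(cmd + " " + params) or ACCOUNT_CMD.search(body):
                findings.append((section, idx, cmd, "changes local accounts"))
            elif cmd.lower() not in allowlist:
                findings.append((section, idx, cmd, "not in allowlist"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_INI, SAMPLE_SCRIPTS, {"maplogs.cmd"}):
        print(finding)
```

On a live system the file is usually stored as UTF-16, so decode it with the right encoding before passing the text to `audit`.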