Friday, October 15, 2010

MyNotes - How To Get Windows Admin Access (Updated 10/16/2010)

Image Source:

Are Windows XP, Vista, and Win7 computers you use locked down? Do you need Administrator level access to a Windows computer? Then, you'll be happy to try one of these 2 approaches.

For Windows XP computer, you are restarting your computer with F8, logging in as "Administrator" to change the password on the other admin account or create a new account.

For Windows 7 (or Vista), use an UbuntuLiveCD, add repositories, and follow these steps:
  1. Install chntpw (at the terminal, type "sudo apt-get install chntpw" without quotes), then 
  2. cd /media/winhd/Windows/System32/config  (note that "winhd" may be different depending on the name of your Windows partition).
  3. sudo chntpw -u logon SAM where logon is the Windows username whose rights you want to adjust.
After step 3, you will see a screen like this one pop up:

Note the different can blank out the admin user's password, or promote the user to administrator!

How to get administrator access to Windows without a password - How-to -

By Lincoln Spector | PC World
Published: 15:45 GMT, 12 October 10

XP contains a backdoor entrance to administrator control. The following will only work if the previous owner didn't know enough to close the backdoor.

First, boot into Safe Mode: Start your PC and press F8 before the Windows logo appears. (It may take a few tries to get the timing right.) From the resulting Boot menu, select Safe Mode. When the logon screen appears, it will probably contain a user you've never seen before, Administrator, that does not have a password. Thus, you can enter Windows as an administrator-level user.

Once inside Windows, you can use Control Panel's User Accounts applet to change the password on the other administrator account or create a new one for yourself.

select System, Administration, and Synaptic Package Manager from the top right corner menus.

In the resulting window's Search field, enter chntpw. A program with that name should appear in the list of packages below. Click it and select Mark for installation. Click the Apply toolbar icon. Click Apply and wait until the installation is complete.

Now mount your drive: From the top menus, select Places, then your internal hard drive or Windows partition. When it's mounted, a File Browser window (much like Windows Explorer) will appear. By double clicking the folder icons, go to the Windows drive's Windows\system32\config folder. Leave this window up.

Now you can remove the password.

When it's typed, press ENTER.

Now type sudo chntpw -u logon SAM, where logon is the logon name for the administrator account. For instance, if you're trying to take over my account, you'd enter sudo chntpw -u Lincoln SAM. Remember, everything here is case sensitive, including the logon name.

After you hit ENTER, a lot of text will scroll up very quickly. If you entered the text correctly, the last section will begin '. . . . User Edit Menu:'

Now press 1 (the number, not lower-case L), then ENTER. At the resulting question, press y.
- Sent using Google Toolbar"

Be sure to read the entire article to get ALL the instructions. I only kept the parts I would need to accomplish this. Also, be aware that putting these instructions into play in a work setting might have undesirable consequences.

Delicious Bookmark this on Delicious
Subscribe to Around the

Everything posted on Miguel Guhlin's blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure

No comments:

Genuine Leadership #4: Gratitude