Hello internet,

I was wondering as to whether youse guys knew of any third party tools to either change or display the administrator password on windows XP / 2000.

Here at work weve had contractors audit about 50 machines and we dont know what they set the admin password to.

Without re-imaging the machine is there any other way to change the password ?

Oh and ive tried doing the "net user administrator *" trick, but the user doesnt have permission to run that. :(

l0phtcrack??

This is a piece of piss to use and works with all versions of Windows 2000 and XP (inc. SP2). I've used it at work and it was fine.

http://home.eunet.no/~pnordahl/ntpasswd/

If the workstations are members of a domain, the Domain Administrators group should be members of the local Administrators group. Assuming you've taken this (fairly basic) precaution you should just be able to log on as a DA and just reset them.

L0pht is a good alternative. Making sure users don't have local admin rights is a good step towards avoiding this sort of thing in the future.

No, they dont log into domains. Just locally.


< Making sure users don't have local admin rights is a good step towards avoiding this sort of thing in the future.

The users dont have local admin rights, thats the reason why I cant change the admin password when logged on as the user. We hired a bunch of contractors to roll out all these machine's about a year ago, and now it turns out that one of them didnt use the password that we told him to use, and hence now we have this problem.


Misterbishi! Cheers for the link! id give you rep points, but ive reached my quota.

This is a piece of piss to use and works with all versions of Windows 2000 and XP (inc. SP2). I've used it at work and it was fine.

http://home.eunet.no/~pnordahl/ntpasswd/


i support this view wholeheartedly. i have used this many times. quality product.

besides, bishi never lies.

I have a modified set of 2000 and XP boot discs that resets the admin password:D

Is friggin great.

i use Austrumi

http://www.petri.co.il/forgot_administrator_password.htm#4

i use Austrumi

http://www.petri.co.il/forgot_administrator_password.htm#4

Nice....changing. 2000 and xp?

Austrumi is a Linux bootable ISO image for recovering NT passwords and other cool tools and methods, sized for Business Card size CD media (50Mb). It allows you to change any password, including that of the Administrator, on a partition occupied by Windows NT, Windows 2000 or Windows XP. Simply boot the CD and when you get to the initial boot prompt

:)

I

can't

read

sometimes

or heres one you can try, works with win xp, dunno about 2k...

open up a run command window and type

control userpasswords2

works wonders

:banana: :banana:

erm.. you need administrator privileges to run that applet.

You sure?

I could have sworn I did it on a machine yesterday....

Oh well *shrug* back to the linux password killer.

Yep, I'm sure. Microsoft may have a reputation for security flaws but that would be remarkably stupid. :)

Use knoppix STD, load ntpasswd onto a USB thumb drive, boot the computer up and change it through that.

Second option is to use knoppix STD and copy the SAM and SYSTEM files to a USB thumb drive. They're located in C:\Windows\System32\config. Then on a windows machine, download SAMinside and open up the SAM and SYSTEM files in that. Once that's done, export the hashes to a PWL Dump file, and load them into l0pht crack. I can email you all of that if you want :)

Only problem with l0pht crack is that it can take a long time to crack the passwords, but worth the wait if the data is important enough. You can run a brute force, and run it over the 2 default wordlists that come with the program, or you can get the 5000000 password wordlist of my website, and it'l crack most to all *weak* passwords.

Third option is to look for a copy of ERD Commander Pro, and that took me a long time to find, but it has utilities in there to change the password.