Recently, I had to reset a user account password on an Acer netbook. Recovery can take some time, unless you have the right tools such as hashcat and a few gtx 780 TI cards laying around. Resetting a password can take less time and there are many options available. My personal favorite is to replace the sticky keys application with command prompt by using the repair option from a windows boot cd.
This time around, this was not an option for me. Being this was a netbook running a “custom” version of Windows 7 and the user did not have the original packaging, I was out of luck. Trying a full-featured Windows 7 disc failed to properly recognize the installation. This was not due to a driver issue, but merely Acer stripped down the install presumably to save space.
Enter chntpw which can be downloaded here in various forms. I opted for source, as I had the hard drive from this little netbook connected to my Mac to first perform a backup. Download the source code and extract it. The code does need to be modified slightly to run on OSX. I should also note that some NTFS read/write drivers are required. Open up the Makefile in your favorite editor. Replace the following lines of code:
1 CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 -mmacosx-version-min=10.6
1 all: chntpw cpnt reged samusrgrp sampasswd
1 rm -f *.o chntpw cpnt reged samusrgrp sampasswd *~
Diff of the original and modified file is below:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 $ diff Makefile Makefile.orig 16c16 < CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 -mmacosx-version-min=10.6 --- > CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 29c29 < all: chntpw cpnt reged samusrgrp sampasswd --- > all: chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static 69c69 < rm -f *.o chntpw cpnt reged samusrgrp sampasswd *~ --- > rm -f *.o chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static *~ $
Save and exit the Makefile then run make to compile the code. Check out this guide for the ins and outs of chntpw.
Update: October 5, 2014
I recently needed to reset the password of a virtual machine that I had running in VMWare Fusion. VMWare Fusion used to include a tool called VMDKMounter, which was removed January 2011 (source). Paragon has a product that seems to offer similar functionality for free (link), registration required.