Offline Windows Password Reset
Recently, I had to reset a user account password on an Acer netbook. Recovery can take some time, unless you have the right tools such as hashcat and a few gtx 780 TI cards laying around. Resetting a password can take less time and there are many options available. My personal favorite is to replace the sticky keys application with command prompt by using the repair option from a windows boot cd.
This time around, this was not an option for me. Being this was a netbook running a “custom” version of Windows 7 and the user did not have the original packaging, I was out of luck. Trying a full-featured Windows 7 disc failed to properly recognize the installation. This was not due to a driver issue, but merely Acer stripped down the install presumably to save space.
Enter chntpw which can be downloaded here in various forms. I opted for source, as I had the hard drive from this little netbook connected to my Mac to first perform a backup. Download the source code and extract it. The code does need to be modified slightly to run on OSX. I should also note that some NTFS read/write drivers are required. Open up the Makefile in your favorite editor. Replace the following lines of code:
Line 16:
1
CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 -mmacosx-version-min=10.6
Line 30:
1
all: chntpw cpnt reged samusrgrp sampasswd
Line 71:
1
rm -f *.o chntpw cpnt reged samusrgrp sampasswd *~
Diff of the original and modified file is below:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
$ diff Makefile Makefile.orig
16c16
< CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 -mmacosx-version-min=10.6
---
> CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32
29c29
< all: chntpw cpnt reged samusrgrp sampasswd
---
> all: chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static
69c69
< rm -f *.o chntpw cpnt reged samusrgrp sampasswd *~
---
> rm -f *.o chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static *~
$
Save and exit the Makefile then run make to compile the code. Check out this guide for the ins and outs of chntpw.
Update: October 5, 2014
I recently needed to reset the password of a virtual machine that I had running in VMWare Fusion. VMWare Fusion used to include a tool called VMDKMounter, which was removed January 2011 (source). Paragon has a product that seems to offer similar functionality for free (link), registration required.
Comments powered by Disqus.