Recently, many of my friends told me that for various reasons, their Win2000 system (or NT, XP system) administrator password was lost and asked me how to retrieve the password. Good friend, I can't help, so I tried different situations and gave them corresponding countermeasures, and finally helped them retrieve their passwords. In my spare time, I made some preparations to facilitate this article. The full text uses actual cracking operations as an example to describe how to retrieve the lost administrator password in the Windows2000 (NT/XP) system. It is expected to be helpful to many windows (NT/XP) System Administrators and Users.
I. Ghost weapons Windows Key
System: Windows2000 Professional [Version 5.00.2195]
Related information: the administrator password of the system administrator account is lost, there are no other vulnerabilities that can be logged into the user account, SAM files cannot be read, other operations, and no input method vulnerabilities.
Required tools: Windows2000 installation disc (or Windows2000 boot disk), Windows XP-2000-NT Key, an empty floppy disk.
Operation process and related answers:
First, we need to use the Windows XP-2000-NT Key to make a special drive disk. Windows XP-2000-NT Key is the United States Passware company produced a dedicated for Windows password cracking tool software,
Www.password.com provides the DEMO version of the software and detailed instructions for use. If you are interested, you can check it out. Open the software and you will see a prompt at the bottom: Please insert A blank floppy disk into drive a: and click NEXT when ready. At this point, the prepared floppy disk into the soft drive, click Next, Windows XP-2000-NT Key will automatically make this disk as a special drive disk. After the drive disk is ready, you can proceed to the next step. Use the Windows installation disk (or boot disk, in this example, use the installation disk) to start the computer with the password to be restored, when the prompt Press F6 if you need install party SCSI or RAID driver..., press F6, wait until the loading process is complete, see the prompt: To specify addition al SCSI adapters, CD-ROM drivers. or special disk controllers for use with Windows 2000, including those for which you have a device support disk from mass storage device manufacturer, press S immediately, then the system will prompt: please insert the disk labeled maufacturer-supplied Hardwaresupport disk into driver A: * Press ENTER when ready. Insert a floppy disk to load the Windows XP-2000-NT Key driver. Wait a moment and the system automatically enters the Windows XP-2000-NT Key environment. At this time, the system will prompt: Set AdministratorPassword to 12345? (Y/N):, Type Y, to be displayed:
Password has been reset.
User name is Administrator.
New password is 12345
At this time, the password of the system administrator account administrator has been changed to 12345. Remove the installation disc and floppy disk, and restart the operating system to log in with this account.
Note: The above is an example of the whole process of breaking the password of the Windows system administrator. Some people may say that the password has not been cracked! Yes. In this example, password cracking is not implemented, but it does save the Administrator account, and the effect is the same. In addition, this method can be called the ultimate way to break the windows 100%/NT/XP Administrator password, success rate! Easy to learn and use! The only lack of software is the Windows NT-2000-XP software is commercial software, not everyone can use.
Next, I will lead you to use the second method to crack the windows (NT/XP) system administrator password. If you are interested, go on to the page.
Ii. cracking tool LC4
LC4 can be called an antique super password cracking tool. Before LC4 was released, there were several old versions called L0phtCrack. This tool can implement password brute-force password cracking from the Sam file. It is a good idea to use it for obtaining the Sam file.
System: Windows2000 Professional [Version 5.00.2195]
Related information: the system administrator account administrator password is lost, there are no other vulnerabilities that can be logged on to the user account, no input method vulnerabilities, and other such vulnerabilities, and their SAM files can be obtained through various means.
Required tools: LC4 and KLC4
Operation process and related answers:
First, we need to download the two required software in this example. After the software is downloaded, We need to register it to implement all its functions. The use of KLC4 is extremely simple. You can easily obtain the LC4 registration code by following the software prompts. Next, we need to do the following simple steps:
Open LC4 and create a new task. Then, click IMPORT and Import from SAM file ...... Open the SAM file to be cracked. In this case, LC4 automatically analyzes the file and displays the user name in the file. Click Begin Audit in the Session to start cracking the password. If the password is not complex, it will take a short time.
Of course, LC4 is a powerful software. Some of its advanced features allow users to customize cracking policies and breakpoints, but it is no longer within the scope of this article, the specific usage is not described here. If you are interested, you can study it on your own.
However, this method also has its shortcomings. If the password is complex, it may take days, months, or even years. Obviously, in this case, this method is no longer so effective. At this time, we need to solve the problem from another angle.