Forgot Administrator Password!!!!!!!

Status
Not open for further replies.

Osiris

First of all, this better not happen again. I'm sick and tired of these new mods on here that think the password reset disk is pirated software or such tools. "First off, you shouldn't be linking to such tools anyways. Second, due to the nature, I'm not gonna give you too hard a time, as you were trying to help and his intentions seemed good."

Also what the **** is wrong with that file I uploaded to MY EMAIL? Do you even know what proplus.msi is?? I also had that password reset disk in there too, I know, but most people go in there to download that file which has saved a lot of people a s s e s and YOU go and SNIPPY SNIPPY it. Bright frigin idea.

Here is the tool needed for the guy you brought this D A M N good post of mine back:

Warez Monster said:
Since a lot of members lately have forgotten their password to login to their system or are working on locked system, here are a few tools that are free to unlock and reset the admin or any password for Windows.

loginrecovery

Bootdisk image

Bootable CD image

John the Ripper (v1.6)

Austrumi

How can I change the Recovery Console or Directory Restore Safe Mode Administrator password on a Domain Controller?


When you promote a Windows 2000 or Windows Server 2003 Server-based computer to a domain controller, you are prompted to type a Directory Service Restore Mode Administrator password. This password is also used by Recovery Console, and is separate from the Administrator password that is stored in Active Directory after a completed promotion.

The Administrator password that you use when you start Recovery Console or when you press F8 to start Directory Service Restore Mode is stored in the registry-based Security Accounts Manager (SAM) on the local computer. The SAM is located in the %SystemRoot%\System32\Config folder. The SAM-based account and password are computer specific and they are not replicated to other domain controllers in the domain.

For ease of administration of domain controllers or for additional security measures, you can change the Administrator password for the local SAM. To change the local Administrator password that you use when you start Recovery Console or when you start Directory Service Restore Mode, use one of the following methods:

Method #1
If Windows 2000 Service Pack 2 or later is installed on your computer, you can use the Setpwd.exe utility to change the SAM-based Administrator password. To do this:

At a command prompt, change to the %SystemRoot%\System32 folder.

To change the local SAM-based Administrator password, type

setpwd

and then press ENTER.

To change the SAM-based Administrator password on a remote domain controller, type

setpwd /s: servername

and then press ENTER, where servername is the name of the remote domain controller.

When you are prompted to type the password for the Directory Service Restore Mode Administrator account, type the new password that you want to use.

Note: If you make a mistake, repeat these steps to run setpwd again.

Method #2
On Windows 2000, if you do know the Directory Service Restore Mode Administrator password you can easily change it to something else by using the following method:

Shut down the domain controller on which you want to change the password.

Restart the computer. When the selection menu screen is displayed during the restart process, press F8 to view advanced startup options.

Select the Directory Service Restore Mode option.

After you successfully log on, use one of the following methods to change the local Administrator password:

At a command prompt, type the following command:

net user administrator *

or

Use the Local User and Groups snap-in (Lusrmgr.msc) to change the Administrator password.

Shut down and restart the computer.

You can now use the Administrator account to log on to Recovery Console or Directory Services Restore Mode using the new password.

Method #3
On Windows 2000, if you do not know the Directory Service Restore Mode Administrator password you can easily change it to something else by using the following method:

At a command prompt, type the following command:

net user administrator 123456

This will change the local administrator's password to 123456.

You can now use the Administrator account to log on to Recovery Console or Directory Services Restore Mode using the new password.

Method #4
On Windows Server 2003, the setpwd or NET USER trick won't work. Here, if you want to change the Directory Service Restore Mode Administrator password you'll need to use the following method:

Click Start, click Run, type

ntdsutil

and then click OK.

At the Ntdsutil command prompt, type

set dsrm password

At the DSRM command prompt, type one of the following lines:

To reset the password on the server on which you are working, type

reset password on server null

The null variable assumes that the DSRM password is being reset on the local computer. Type the new password when you are prompted. Note that no characters appear while you type the password.

or

To reset the password for another server, type

reset password on server <servername>

where <servername> is the DNS name for the server on which you are resetting the DSRM password. Type the new password when you are prompted. Note that no characters appear while you type the password.

At the DSRM command prompt, type q.

At the Ntdsutil command prompt, type q to exit.

You can now use the Administrator account to log on to Recovery Console or Directory Services Restore Mode using the new password.

How can I change my user-account password from a remote computer?


You can change a Windows User Account password that is on any Windows computer from any other Windows computer regardless of whether the User Account is on a workstation, a stand-alone server, or a Windows domain controller. Additionally, it makes no difference whether the password is being changed from a workstation, a stand-alone server, or a Windows domain controller. This is true for any NT 4.0, W2K, XP Pro and Windows Server 2003 computer.

You do not have to be logged on from the User Account Database that contains the Username, and you do not have to be currently logged on with that Username. This procedure is especially useful if you want to change your password in a User Account Database or security accounts manager (SAM) that is not in your default logon domain.

To change your password:

Press CTRL+ALT+DEL to bring up the Windows Security dialog box.



Press the Change Password button.

Enter the User name whose password you wish to change.

In the From dialog box, click either the computer name or domain name in the drop-down list box, or type the computer name or domain name that contains the User Account Database where the user name exists.



Type the appropriate password in the Old Password, New Password, and Confirm New Password box.



You should receive a message indicating "Your password has been changed."

This procedure is allowed even if the User Right "Access this computer from network" is disabled for the group Everyone. Changing a password does not use resources on the server. The ability to change a password without requiring the user to be logged on allows a user to change his or her password outside of the user's logon hours, or when the password has expired and the user is not able to log on.

How can I change my user-account password from a Command Prompt?


You can change a Windows User Account password that is on any Windows computer from any other Windows computer regardless of whether the User Account is on a workstation, a stand-alone server, or a Windows domain controller. Additionally, it makes no difference whether the password is being changed from a workstation, a stand-alone server, or a Windows domain controller. This is true for any NT 4.0, W2K, XP Pro and Windows Server 2003 computer.

To change a user's password at the command prompt, log on as an administrator and type:

net user danielp * /domain

(This is only an example, use your own username)

When you are prompted to type a password for the user, type the new password, not the existing password. After you type the new password, the system prompts you to retype the password to confirm. The password is now changed.

Alternatively, you can type the following command:

net user danielp 123456 /domain

When you do so, the password changes without prompting you again. This command also enables you to change passwords in a batch file.

Note: If you type these commands on a member server or workstation and you don't add the /domain switch, the command will be performed on the local SAM and NOT on the DC SAM.

For example, to change the administrator's password type:

net user administrator 123456

Note: Non-administrators receive a "System error 5 has occurred. Access is denied" error message when they attempt to change the password.

Forgot the Administrator password - Alternate Method - The LOGON.SCR trick

This is another trick that will easily work in Windows NT 4.0 and some versions of Windows 2000. The principle is that you need to install a second instance of your OS to your HD, then manipulate the default screen saver (the one that's used if you don't move your mouse while the CTRL-ALT-DEL box appears) for the original OS.

For free 3rd party tools read Forgot the Administrator's Password?.

Update: You can also discuss these topics on the dedicated Forgot Admin Password - Related Discussions forum.

Windows Server 2003 Domain Admin password

This tip will NOT work for Windows Server 2003. This is because of changes in the service account with which the process runs. In Windows 2000 it was run with Local SYSTEM account (LSA) privileges, while in Windows Server 2003 it is run with the LOCAL SERVICE account, thus resulting in far fewer privileges than it used to have in W2K and NT 4.0. The reason 2 new accounts have been introduced in 2003 is that the SYSTEM account has way too much power over the system, and the system could be compromised by exploiting almost any system service. Microsoft's solution was to introduce 2 less powerful accounts (LOCAL SERVICE and NETWORK SERVICE) and make some services run in the context of those accounts instead of LSA.

To successfully reset the Domain Admin password on Windows Server 2003 Active Directory please read the Forgot the Administrator's Password? - Reset Domain Admin Password in Windows Server 2003 AD page.

Windows 2000 Domain Admin password

To successfully reset the Domain Admin password on Windows 2000 Active Directory please read the Forgot the Administrator's Password? - Reset Domain Admin Password in Windows 2000 AD page.

The LOGON.SCR trick

To successfully reset the local administrator's password on Windows NT and some versions of Windows 2000 follow these steps:

Install an alternate copy of Windows NT or Windows 2000.

You must install this instance of NT/2000 on a different folder than WINNT, otherwise you'll end up with the same bad situation. Use ALTWINNT for example.

It is best that you install the alternate instance of the OS into a different partition than the one you have your original installation. You'll delete this folder anyway, and it's best that you just format that partition after you're done. Formatting the partition will be much easier than deleting individual files and folders.

Also, if you lost your password on NT - install a new instance of NT, not Windows 2000, as doing so will ruin your old NT installation (because of the difference between the NTFS versions). Same goes for W2K, XP and Windows Server 2003. Always install the same OS.

Note: On Windows NT 4.0 machines that were installed out-of-the-box you do not have to install a fresh copy if you still have access as a regular user to the system. E.g. if you can log-on as a regular, non-administrator user, you can still manipulate the file's permissions. This is simply because NT's default permissions are set for Everyone - Full Control. This is not true on W2K/XP/2003 machines.

Another note: Reader Mike wrote:

In the article you mention installing the OS on top of the existing OS to do the logon screensaver manipulation.

I wanted to mention that this can also be accomplished by removing the hard drive, placing it as a slave on another computer (XP and W2K play nicely) and then accessing the file system. Of course you need a second computer, but for some folks it may be an easier solution.

Thanks,

Mike

That's correct, and it will work for you unless you converted the disk to a dynamic disk, on the original OS. In that case you will no longer be able to boot the old OS, even if you do manage to access the files from the other computer.

Boot the alternate install.

Use Control Panel/System/Startup (for NT) or Control Panel/System/Advanced/Startup and Recovery for W2K to change the default boot instance back to your original install.

Lamer note: If you don't do that you'll end up booting into the alternate installation next time you turn on your computer. You don't want that, do you?

Open Explorer. Browse to your original Windows NT/2000 folder, navigate to the %systemroot%\System32 sub-folder.

Lamer note: %systemroot% is a system variable used to point to the folder where NT/2000 is installed, usually \WINNT in NT/2000, or \WINDOWS in XP/2003.

Save a copy of LOGON.SCR, the default logon screen saver, anywhere you like. Just remember where you've placed it. You can also just rename the file to something you'll remember later, I use LOGON.SC1.

Lamer note: To rename a file use the REN command in the Command Prompt window, or just select the file in Windows Explorer and press F2.

Delete the original LOGON.SCR from the %systemroot%\System32 sub-folder. It is not necessary to delete the file if you renamed it, you can leave it there.

Note: You might not be able to delete the LOGON.SCR file because of permission settings. Regular users can only read and execute the file, not delete it. If that is the case (and it is in W2K, XP and Windows Server 2003) then you need to take ownership of the file and give the EVERYONE group FULL CONTROL permissions.

Lamer note: In order to take ownership of a file right-click it, select Properties, select the Security tab, click Advanced, and then click on the Owner tab. Select one of the users found in the list, click ok all the way out.

In order to change the LOGON.SCR permissions follow the previous instructions, in the Security tab click Add and browse to the Everyone group. Add it and make sure you give it Full Control. Click Ok all the way out.

Make a copy of CMD.EXE in the %systemroot%\System32 sub-folder. CMD.EXE is located in %systemroot%\system32.

Lamer note: In order to copy a file via GUI, select the file, right-click and choose Copy, then go to the destination folder, right-click the folder name and select Paste. You can also use the keyboard by typing CTRL-C to Copy, CTRL-V to Paste.

Rename the copy of CMD.EXE to LOGON.SCR.

Lamer note: See step #5.

Shutdown and restart your computer. Boot into the original install.

Wait for the logon screen saver to initiate - around 15 minutes. Oh, and no, do NOT move your mouse while you wait, duh...

After the screensaver is initiated, instead of running the normal LOGON.SCR actual screensaver, it will run the renamed CMD.EXE file (which is now called LOGON.SCR), and will actually open a CMD prompt in the context of the local system account.

In step #7 you could have used EXPLORER.EXE instead of CMD.EXE, and in that case a My Computer window will pop up.

Note: As noted earlier on this page, there is a way to make the wait time shorter, but you'll need to dig into the Registry for that.

Open the CMD.EXE prompt (it should already be opened if you've used CMD.EXE in step #7) and type:

net user administrator 123456

This will reset the local administrator (or domain admin if you are doing this trick on a DC) password to 123456.

Lamer note: You can, of course, use ANY password you want...

Delete the LOGON.SCR from %systemroot%\System32.

Rename the saved default screen saver from step 5 back to LOGON.SCR.

If you wish to remove the alternate install:

Delete its folder.

ATTRIB -R -S -H c:\BOOT.INI

Edit c:\BOOT.INI and remove the alternate install's entries.

If you've used a different partition to install the alternate install then now you can simply delete or format that partition if you don't need it anymore, plus edit c:\BOOT.INI and remove the alternate installation entries.

This trick has been tested a zillion times. Don't bother to tell me it doesn't work, it does (for Windows NT and some versions of Windows 2000), and that's a fact.

Forgot the Administrator's Password? - Reset Domain Admin Password in Windows Server 2003 AD

Note: In order to successfully use this trick you must first use one of the password resetting tools available on the Forgot the Administrator's Password? page.

The reason for that is that you need to have the local administrator's password in order to perform the following tip, and if you don't have it, then the only method of resetting it is by using the above tool.

Read more about that on the Forgot the Administrator's Password? page.

Update: You can also discuss these topics on the dedicated Forgot Admin Password - Related Discussions forum.

Lamer note: This procedure is NOT designed for Windows XP since Windows XP is NOT a domain controller. Also, for a Windows 2000 version of this article you should read the Forgot the Administrator's Password? - Change Domain Admin Password in Windows 2000 AD page.

Reader Sebastien Francois added his own personal note regarding the changing of Domain Admin passwords on Windows Server 2003 Active Directory domains (HERE). I will quote parts of it (thanks Seb!):

Requirements

Local access to the Domain Controller (DC).

The Local Administrator password.

Two tools provided by Microsoft in their Resource Kit: SRVANY and INSTSRV. Download them from HERE (24kb).

Step 1

Restart Windows 2003 in Directory Service Restore Mode.

Note: At startup, press F8 and choose Directory Service Restore Mode. It disables Active Directory.

When the login screen appears, log on as Local Administrator. You now have full access to the computer resources, but you cannot make any changes to Active Directory.



Step 2

You are now going to install SRVANY. This utility can virtually run any programs as a service. The interesting point is that the program will have SYSTEM privileges (LSA) (as it inherits the SRVANY security descriptor), i.e. it will have full access on the system. That is more than enough to reset a Domain Admin password. You will configure SRVANY to start the command prompt (which will run the 'net user' command).

Copy SRVANY and INSTSRV to a temporary folder, mine is called D:\temp. Copy cmd.exe to this folder too (cmd.exe is the command prompt, usually located at %WINDIR%\System32).

Start a command prompt, point to d:\temp (or whatever you call it), and type:

instsrv PassRecovery "d:\temp\srvany.exe"

(change the path to suit your own).

It is now time to configure SRVANY.

Start Regedit, and navigate to

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PassRecovery

Create a new subkey called Parameters and add two new values:

name: Application
type: REG_SZ (string)
value: d:\temp\cmd.exe

name: AppParameters
type: REG_SZ (string)
value: /k net user administrator 123456 /domain

Replace 123456 with the password you want. Keep in mind that the default domain policy requires complex passwords (including digits, respecting a minimal length etc.) so unless you've changed the default domain policy use a complex password such as P@ssw0rd

Now open the Services applet (Control Panel\Administrative Tools\Services) and open the PassRecovery property tab. Check the starting mode is set to Automatic.



Go to the Log On tab and enable the option Allow service to interact with the desktop.

Restart Windows normally, SRVANY will run the NET USER command and reset the domain admin password.

Step 3

Log on with the Administrator's account and the password you've set in step #2.

Use this command prompt to uninstall SRVANY (do not forget to do it!) by typing:

net stop PassRecovery

sc delete PassRecovery

Now delete d:\temp and change the admin password if you fancy.

Done!

How can I open protected MS Word or Excel files if I lost (or never knew) the password for opening them?

Losing a password for an important document could become a real problem. At best, it means that you lose some time recovering the password or retyping all the data. Current password recovery solutions offer brute-force tools which try about 300 000 passwords per second. Sounds optimistic? This number means that recovering a password that consists of 8 upper or lowercase letters and digits will take more than a few weeks. A 12-character password could take centuries to recover.

Hopefully there is a way to restore data without recovering the password. And almost instantly. How is that possible?

Protected MS Word/Excel documents are encrypted with the help of RC4 algorithm, on a key, computed by a password. For the standard encryption MS Office uses relatively short 40 bit key. This allows the sorting out of all 2^40 key values, to find a true value of the key, and to decrypt the document. Such an approach requires considerable (several days) computer time but always leads to a success. Pre-computing encryption keys and using knowledge of MS Office document's structure makes recovery process almost instant.

Still sounds odd? Visit www.decryptum.com. This is the first instant recovery service for the password protected MS Word and Excel files. The site claims to have the following functionality:

All Word/Excel 2003/2002/2000/97 files protected with original 40 bit encryption are supported

Instant decryption - under 3 minutes per file, regardless of file password

No software to download and install - service is web-only

Free online preview of encrypted file content

Secure service - all file submissions are encrypted by SSL protocol

Let's go through the recovery process with the test file called decrtyptum-test.xls. The file is protected with the password "DecryptumPWD", but we will pretend we do not know that.

After clicking "Start Decryption" you will be prompted to agree with "Service And Confidentiality Agreement".



On the next screen you should enter a PIN number. Let's leave the PIN number entry field empty to run the service in demo mode.



Step three - uploading the file through SSL encrypted channel.



Now we should wait for the file to be decrypted. It takes about 30-40 seconds. Not so long.



And here we have the preview of the file. Now you can consider if the file is worthwhile paying for decryption.



Nice, huh? Although there are other offline methods of cracking open a protected MS Office file, this method has proven to be one of the most cost effective methods that I know of.


What is the Windows XP Password Reset Disk and how can I use it?


To protect user accounts in the event that the user forgets the password, every local user should make a password reset disk and keep it in a safe place. Then, if the user forgets his or her password, the password can be reset using the password reset disk and the user is able to access the local user account again.

The Forgotten Password Wizard lets you create a password reset disk that you can use to recover your user account and personalized computer settings if you forget your password.

How to create the password reset disk
The steps to perform this task differ depending on whether your computer is a member of a network domain or is part of a workgroup (or is a stand-alone computer).

If you're using Windows XP in a workgroup (and not in a domain), you have the option to create a password reset disk.

To create the password reset disk go to the Start menu, Control Panel, User Accounts.

Click your account name.

Under Related Tasks located on the left side of the window, click Prevent a forgotten password.

In the Forgotten Password Wizard, follow the instructions as they appear on the screen.

When the wizard starts, click Next.

Select the drive that contains the media you want to create the information on (you can use a diskette or a Zip disk), and click Next.

Type your current password, and click Next.

Click Finish.

The password reset disk contains only one file called userkey.psw, which is an encrypted version of your password. If you change your password, the password reset disk is useless, you must repeat this procedure.

How to use the password reset disk
If you made a password reset disk for your local user account through the Forgotten Password Wizard, you can use it to access the computer, even if you have forgotten your password. The following steps will only work if you are in a workgroup environment, using the Welcome screen.

At the Welcome screen, click your user name, and then type your password. If you have forgotten your password, the Did you forget your password message is displayed.

Click use your password reset disk to start the Password Reset Wizard.

Follow the instructions in the Password Reset Wizard to create a new password.

Log on with the new password, and then store your password reset disk in a safe place in case you need it to reset your password in the future. You do not need to make a new password reset disk.

And if this gets removed, I will post pirated software on here like ERD Commander 2006 for everyone to download, you ban me, I sign up with new name and do it again and again etc. There is no reason for closing MY thread.

I've done had this discussion with 2 other mods and I'm not about to do it again. So if I sound like an a s s hole, well that's because I am at this time. I contribute to this forum almost 4 times as much as YOU do. I'm not about to stop helping everyone just because YOU "THINK" this file is bad or whatever reason you want to give it. And if I get another PM from YOU, I will bring YOU out to the forum for everyone to see, I've done it before and I'll do it again, try me.....

For everyone else, download these tools fast before someone decides to "SNIPPY SNIPPY" them.

And if YOU made a mistake, then you did and I'll drop this whole thing like it ever happened and you can delete this post. But just in case you do decide to delete this post because of other reason, I'm saving it just in case so I can repost it if it comes down to that.
That's all I have to say.
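
A defender's check for the two changes described in the post above (a service whose Parameters\Application value makes a wrapper such as SRVANY launch a shell, and a LOGON.SCR that is a copy of CMD.EXE or EXPLORER.EXE), as an added example that is not part of the original post or of the article it quotes. The registry export is a constructed sample, and the function names are hypothetical.

```python
import hashlib
import re
from pathlib import Path

# Constructed sample: .reg-style export modelled on the SRVANY setup quoted above.
SAMPLE_EXPORT = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PassRecovery]
"ImagePath"="d:\\temp\\srvany.exe"
"Start"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PassRecovery\Parameters]
"Application"="d:\\temp\\cmd.exe"
"AppParameters"="/k net user administrator <new-password> /domain"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler]
"ImagePath"="%SystemRoot%\\System32\\spoolsv.exe"
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
VAL_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"$')
SERVICES = "\\currentcontrolset\\services\\"
SHELLS = {"cmd.exe", "explorer.exe"}  # the two binaries the post mentions
NET_USER = re.compile(r"\bnet(\.exe)?\s+user\b", re.IGNORECASE)


def parse_reg_export(text):
    """Return {key_path: {lowercased_value_name: string_data}} for string values."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group("key"), {})
            continue
        m = VAL_RE.match(line)
        if m and current is not None:
            # .reg files escape backslashes; undo that for path comparison.
            current[m.group("name").lower()] = m.group("data").replace("\\\\", "\\")
    return keys


def find_shell_services(text):
    """Flag services whose Parameters subkey makes a wrapper launch a shell."""
    findings = []
    for key, values in parse_reg_export(text).items():
        low = key.lower()
        if SERVICES not in low or not low.endswith("\\parameters"):
            continue
        app = values.get("application", "")
        exe = app.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if exe in SHELLS:
            findings.append({
                "service": key.split("\\")[-2],
                "application": app,
                "resets_password": bool(NET_USER.search(values.get("appparameters", ""))),
            })
    return findings


def screensaver_matches_shell(scr_path, shell_paths):
    """Return the name of the shell binary that scr_path is a byte-for-byte copy of."""
    scr = Path(scr_path)
    if not scr.is_file():
        return None
    digest = hashlib.sha256(scr.read_bytes()).hexdigest()
    for shell in map(Path, shell_paths):
        if shell.is_file() and hashlib.sha256(shell.read_bytes()).hexdigest() == digest:
            return shell.name
    return None


if __name__ == "__main__":
    for finding in find_shell_services(SAMPLE_EXPORT):
        print(finding)
```

Feed `find_shell_services` the text of a Services key export, and call `screensaver_matches_shell` with the paths of the logon screen saver and the shell binaries on the system or mounted image under review.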
 
that sucks..hmm..I always download your stuff through that yahoo account..even though you didn't know it...you do now though..thanks for that..saved some major time.
 
Well there are two parts of this particular situation that most likely drew a red flag. I think once the pirated forum website was mentioned and links posted this is what caused everything to get edited. This really had nothing to do with your post though nor the link posted to download the tool.

You have posted links to that yahoo account a dozen times which has been left intact..Not too sure what's up..It's hard for me to have mixed feelings overall..One side is that I.T. professional systems analyst work side of me..the other is that hacker home user side of me..lol
 
I'm just waiting....If I get no reply within a day or so, I'm just gonna drop it until it happens again.
 