How to reset your Admin password without Admin rights

from tuts/windows/How to reset your Admin password without Admin rights


Help! I forgot my Windows 7 Admin password!

Asked by Anonymous

Requirements

You'll need the following:

Part 1: UNetBootin

First off, get your flash drive, log into a non-admin account, or pretty much any computer with which you can access the internet. Then download UNetBootin.

Then run UNetBootin, and install any distro in the list, probably Ubuntu, Elementary OS, or Linux Mint. Hey, you might actually like it and decide you want to use linux instead, so you might as well pick a nice one.

Personally, I would recommend Elementary OS. It has a beautiful UI, and is very fast. So for this tutorial, I'll assume you got Elementary. It doesn't matter, though, as the only thing you'll be doing in there is some command-line fu.

If Elementary is not listed in UNetBootin's list and you want to use it instead of Ubuntu, then you'll have to download the ISO from elementaryos.org. If you're not sure whether your PC is 32 or 64-bit (it's probably 64-bit), then download the 32-bit ISO, as it will work on both platforms. After downloading the ISO, use UNetBootin to put it on the flash drive.

Part 2: Booting into Linux

What you need to do can be a little tricky, as every computer has a different BIOS, but you basically need to persuade your computer to boot from the flash drive. Typically, it's an option like "Boot options", or "Setup". I think you'll be able to figure it out with enough time. Just keep turning it on, and pay attention to the first 10 seconds

If you get stuck, there are many tutorials, for example: YouTube: How to boot your computer from a USB drive

Once you get that done, you should be in. Now just open up a terminal. In Ubuntu, it's Ctrl+Alt+T, in Elementary, press Alt+F2 and type "Terminal"

Part 3: Exploiting a Security Hole

I know what you're thinking, but in this case, it's perfectly legitimate. You're only trying to get back into your own Admin account. So this is considered white hat, and it's fair game.

So the FIRST thing you need to do, is type these commands

$ cd /media
$ sudo find . -name "Windows"

Note: Do not type the $, #, or > symbols. Those are merely to let you know it's a prompt. Similarily, don't type a line that isn't preceded by one of those symbols

If you see no results, then read Scenario A. If you DO see a result, then read Scenario B.

Scenario A: No results in /media

$ sudo su
# cfdisk

Now carefully read the output, and look for a partition that is NOT "System Reserved". Typically, it's /dev/sda2. So I'll assume it was that. Hit "q" to quit cfdisk

# mount /dev/sda2 /mnt
# cd /mnt/Windows/System32
# mv Magnifier.exe cmd2.exe
# mv cmd.exe Magnifier.exe
# mv cmd2.exe cmd.exe
# shutdown -h 0

Note: when you're reversing these steps, just follow the exact same steps

Scenario B: You found results in /media

Start typing the name of the folder shown in the search result, then hit tab to auto-complete.

$ cd 14afbc<tab>

When you're in, type the following:

$ sudo su
# cd Windows/System32
# mv Magnifier.exe cmd2.exe
# mv cmd.exe Magnifier.exe
# mv cmd2.exe cmd.exe
# shutdown -h 0

Part 4: Reset your password

After it shuts down, remove the flash drive, and boot into windows.

At the login screen, move your mouse to the bottom left and click the Accessibility icon. Then open Magnifier. Do you see where this is going?

In the most beautiful moment of "that's not supposed to happen", you'll see a command prompt open up. Type:

> net user [your Admin User Name] *
Type in your password

And Voila! You've reset your Admin's password. Now you can shut down, and follow the above steps again to reverse it, and when you boot back into windows, there will be no trace of what happened. Simply Log in to your Admin account and go about your day like normal.

Permanent Link to this page: http://bradenbest.com/tutorials/get_page.php?path=tuts%2Fwindows%2F&name=How+to+reset+your+Admin+password+without+Admin+rights

Have an idea for a tutorial? Go to the Suggestion Box


Back to main