resetting password on xp pro

I am trying to reset the admin password on an xp pro machine.  I downloaded a linux password reset utility.  I have to type nt_pass at the boot: prompt and it loads it up.  When it gets to the point where it shows the disks there are none listed?  I ran the utility on another xp machine and was able to see the disk.  The difference between the 2 machines is that one has a serial ATA drive and the one it worked on is a standard IDE. Anyone have any ideas???

Thanks,

Jeff

jeffreychorbaAsked:
Who is Participating?
 
dlmarioConnect With a Mentor Commented:
Hey Jeff,

there are many possibilities to reset the XP password.

In general you need a linux boot CD with the storagedrives of your System. Because of the "light" implementation of the proprietary NTFS into the linux kernel you need a clean filesystem (with no fs-check on windows bootup neccesary). If the NTFS is clean, the actual linux kernel is able to write and modify files on NTFS.
There is a binary called "chntpw" (change NT password), which can access the registy database of windows.

Here you can find a system CD for recovering a windows password:
http://www.tux.org/pub/people/kent-robotti/looplinux/rip/
(RIP means "recovery is possible")

It schuld have all drivers you need. Please try the following steps:

1) Boot the CD and press <enter> in the bootmenu

2) login as root

3) look, which partition is your NTFS
# fdisk -l
should show somethin like
[...]
/dev/sda1    0     12345     NTFS/HFS
[...]
then /dev/sda1 is your partition. (possible is sda, sdb, sdc and so on for the SATA disks. The number shows the partition # - so sda1 is the first partition on your first disk)

4) mount your xp into your RIP system
# mkdir /mnt/drive_c
# mount /dev/sda1 /mnt/drive_c -t ntfs -o rw
(first argument is your partition, second is your destination where to mount you xp, third is the type (ntfs or vfat or you can leave the whole "-t blabla") and the 4th is the option. in this case "rw" means "read/write")
# cd /mnt/drive_c
# ls -l
(now you should see your xp system)

5) navigate to your C:\WINDOWS\system32\config. change directory by directory, because it is case-sensitive and windows may have "system32" or "System32". Try it or use "ls -l S*" or something else. The windows dir can also named "winnt" instead of "windows" - just look for the names...

6) start the interactive mode of chntpw. the SAM registry hive have the user information including the passwords but the sam is crypted with the system key. but this key is placed in the SYSTEM hive ;-)
# chntpw -i SAM SYSTEM
(the files SAM and SYSTEM may be in capital letters or not...just look)

7) follow the password wizard ;-)

8) after exiting (with saving the registry!) restart the machine
# reboot

9) take the cd out of the cd-rom and relax.

any qestions?

good luck!

/Mario
0
 
pjedmondCommented:
Yes - You need the correct drivers in order to view the SATA drive, and my guess is that the drivers are not present on your password reset utility disc.....so ...alternatives:

1.    http://www.ubcd4win.com/contents.htm (Sala password Updat/reset)

2.    Do it with Knoppix. Knoppix is recognised as one of the best systems around for recognising hardware devices:

http://www.linuxquestions.org/linux/answers/Security/Resetting_Windows_Passwords_with_Knoppix

3.    Create a new Kernel with the correct SATA drivers - I knew you'd like a challenge...You can learn about building custom kernels here:

http://www.digitalhermit.com/linux/Kernel-Build-HOWTO.html

Probably better that you work with idea 1 or 2 unless you *really* want to make things difficult:)

(   (()
(`-' _\
 ''  ''
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.