Posted by kglee | Filed under Software Fixes
winpass, choose vista folder, unlock account, clear password
winpass -u username
http://mirror.tuxinator.org/trinityhome/trinity-rescue-kit.3.3-build-318.iso
Hack Windows Vista! – Click here for this week’s top video clips
February 1st, 2009 at 3:03 pm
thx!!
April 3rd, 2009 at 3:15 am
Thank you!
April 10th, 2009 at 7:46 am
Perfectly Working fine. No problem with virus and anything highly recomended.
Happy Ester thank you.
April 11th, 2009 at 4:50 am
I use chntpw a lot and using the hex id (RID) instead of the user name generally saves a lot of head aches.
Type “winpass -l” to to get a list of users then type “winpass -u 0x” replacing with a user’s hex value.
Something like this:
[root@trk]:(~)# winpass -l
…
0e3d | user name | ADMINISTRATOR
…
[root@trk]:(~)# winpass -u 0×0e3d
Hope this helps.
Hi,
How Enable Administrator With TRK 3.2
The account administrator is Dissable. I change the password but i need enable!.
How i do it with TRK 3.2?
You can do it with ‘winpass’
Howto enable Administrator account with TRK 3.2 Build 279:
Boot your TRK and type
Code:
winpass
in console and you see:
Quote:
Searching and mounting all filesystems on local machine
Windows NT/2K/XP installation(s) found in:
1: /hda1/WINDOWS
Make your choice or ‘q’ to quit [1]: Ok, continue
Enter
Code:
1
for the partition with the Windows installation
Then you see:
Quote:
chntpw version 0.99.3 040818, (c) Petter N Hagen
Hive’s name (from header):
ROOT KEY at offset: 0×001020 * Subkey indexing type is: 666c
File size 28672 [7000] bytes, containing 6 pages (+ 1 headerpage)
Used for data: 254/21120 blocks/bytes, unused: 8/3264 blocks/bytes.
Hive’s name (from header):
ROOT KEY at offset: 0×001020 * Subkey indexing type is: 666c
Page at 0xd000 is not ‘hbin’, assuming file contains garbage at end
File size 262144 [40000] bytes, containing 12 pages (+ 1 headerpage)
Used for data: 967/43880 blocks/bytes, unused: 4/4888 blocks/bytes.
* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length : 0
Password history count : 0
RID: 01f4, Username: , *disabled or locked*
RID: 03ed, Username:
RID: 03ec, Username: , *disabled or locked*
RID: 01f5, Username: , *disabled or locked*
RID: 03e8, Username: , *disabled or locked*
RID: 03ea, Username: , *disabled or locked*
RID: 03eb, Username:
———————> SYSKEY CHECK Not Set (not installed, good!)
SAM Account\F : 1 -> key-in-registry
SECURITY PolSecretEncryptionKey: 1 -> key-in-registry
***************** SYSKEY IS ENABLED! **************
This installation very likely has the syskey passwordhash-obfuscator installed
It’s currently in mode = -1, Unknown-mode
SYSKEY is on! However, DO NOT DISABLE IT UNLESS YOU HAVE TO!
This program can change passwords even if syskey is on, however
if you have lost the key-floppy or passphrase you can turn it off,
but please read the docs first!!!
** IF YOU DON’T KNOW WHAT SYSKEY IS YOU DO NOT NEED TO SWITCH IT OFF!**
NOTE: On WINDOWS 2000 it will not be possible
to turn it on again! (and other problems may also show..)
NOTE: Disabling syskey will invalidate ALL
passwords, requiring them to be reset. You should at least reset the
administrator password using this program, then the rest ought to be
done from NT.
Do you really wish to disable SYSKEY? (y/n) [n]
type
Code:
n
for the standard SYSKEY settings (only change the settings of SYSKEY if you know what you are doing)
The next message looks like:
Quote:
Username: Administrator
fullname:
comment : xxx
homedir :
Account bits: 0×0211 =
[X] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[X] Pwd don’t expir | [ ] Auto lockout | [ ] (unknown 0×08) |
[ ] (unknown 0×10) | [ ] (unknown 0×20) | [ ] (unknown 0×40) |
Failed login count: 0, while max tries is: 0
Total login count: 8
Account is disabled
Do you wish me to reset the failed count, unset disabled and lockout,
and set the “password never expires” option? (y/n) [n]
Type
Code:
y
to unlock the Administrator account
Quote:
Unlocked!
** LANMAN password not set. User MAY have a blank password.
** Usually safe to continue
* = blank the password (This may work better than setting a new password!)
Enter nothing to leave it unchanged
Please enter new password:
At this point push only the RETURN-Key if you don’t wanna change the password
The last message says:
Quote:
Nothing changed.
Hives that have changed:
# Name
0 – OK
Now the account is unlocked and you can type
Code:
reboot
to start your Windows XP and login as Administrator
Last edited by HIT_Hunter on Mon Apr 21, 2008 3:48 pm; edited 5 times in total
Back to top
View user’s profile Send private message
HIT_Hunter
Joined: 14 Aug 2007
Posts: 70
Location: Germany
PostPosted: Sun Mar 30, 2008 12:39 pm Post subject: Howto enable Administrator account with TRK 3.3 Build 310 Reply with quote
But it’s better to use TRK 3.3 Build 310
Howto enable Administrator account with TRK 3.3 Build 310:
Boot your TRK and type
Code:
winpass
in console and you see:
Quote:
Searching and mounting all filesystems on local machine
Remounting NTFS partitions with ntfs-3g
Result of mounting:
/dev/hda1 on /hda1 type fuseblk (rw,nosuid,nodev,noatime,allow_other,blksize=4096)
Windows NT/2K/XP installation(s) found in:
1: /hda1/WINDOWS
Make your choice or ‘q’ to quit [1]:
Enter
Code:
1
for the partition with the Windows installation
Then you see:
Quote:
Ok, continue
chntpw version 0.99.5 070923 (decade), (c) Petter N Hagen
Hive name (from header):
ROOT KEY at offset: 0×001020 * Subkey indexing type is: 666c
File size 28672 [7000] bytes, containing 6 pages (+ 1 headerpage)
Used for data: 254/21120 blocks/bytes, unused: 8/3264 blocks/bytes.
Hive name (from header):
ROOT KEY at offset: 0×001020 * Subkey indexing type is: 666c
Page at 0xd000 is not ‘hbin’, assuming file contains garbage at end
File size 262144 [40000] bytes, containing 12 pages (+ 1 headerpage)
Used for data: 967/43880 blocks/bytes, unused: 4/4888 blocks/bytes.
* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length : 0
Password history count : 0
| RID -|———- Username ————| Admin? |- Lock? –|
| 01f4 | Administrator | ADMIN | dis/lock |
| 03ed | andre | ADMIN | |
| 03ec | ASPNET | | dis/lock |
| 01f5 | Gast | | dis/lock |
| 03e8 | Hilfeassistent | | dis/lock |
| 03ea | SUPPORT_388945a0 | | dis/lock |
| 03eb | user | ADMIN | |
———————> SYSKEY CHECK Not Set (not installed, good!)
SAM Account\F : 1 -> key-in-registry
SECURITY PolSecretEncryptionKey: 1 -> key-in-registry
***************** SYSKEY IS ENABLED! **************
This installation very likely has the syskey passwordhash-obfuscator installed
It’s currently in mode = -1, Unknown-mode
SYSKEY is on! However, DO NOT DISABLE IT UNLESS YOU HAVE TO!
This program can change passwords even if syskey is on, however
if you have lost the key-floppy or passphrase you can turn it off,
but please read the docs first!!!
** IF YOU DON’T KNOW WHAT SYSKEY IS YOU DO NOT NEED TO SWITCH IT OFF!**
NOTE: On WINDOWS 2000 it will not be possible
to turn it on again! (and other problems may also show..)
NOTE: Disabling syskey will invalidate ALL
passwords, requiring them to be reset. You should at least reset the
administrator password using this program, then the rest ought to be
done from NT.
Do you really wish to disable SYSKEY? (y/n) [n]
type
Code:
n
for the standard SYSKEY settings (only change the settings of SYSKEY if you know what you are doing)
The next message looks like:
Quote:
RID : 0500 [01f4]
Username: Administrator
fullname:
comment : xxx
homedir :
User is member of 1 groups:
00000220 = Administratoren (which has 3 members)
Account bits: 0×0211 =
[X] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[X] Pwd don’t expir | [ ] Auto lockout | [ ] (unknown 0×08) |
[ ] (unknown 0×10) | [ ] (unknown 0×20) | [ ] (unknown 0×40) |
Failed login count: 0, while max tries is: 0
Total login count: 8
- – - – User Edit Menu:
1 – Clear (blank) user password
2 – Edit (set new) user password (careful with this on XP or Vista)
3 – Promote user (make user an administrator)
4 – Unlock and enable user account [probably locked now]
q – Quit editing user, back to user select
Select: [q]
Select
Code:
4
to Unlock and enable user account
And now you get this message:
Quote:
> Unlocked!
Hives that have changed:
# Name
0 – OK
Now the account is unlocked and you can type
Code:
reboot
to start your Windows XP and login as Administrator
May 23rd, 2009 at 6:01 am
This also worked for my copy of Windows 7 RC Build 7100.
August 12th, 2009 at 9:05 am
(rook@trk):(-)**——–what to type here
October 20th, 2009 at 3:01 am
Type “winpass -l” to to get a list of users then type “winpass -u 0x” replacing with a user’s hex value.
Something like this:
[root@trk]:(~)# winpass -l
November 30th, 2009 at 10:45 pm
I have downloaded windows password key 8.0. It is a very quick and useful utility for resetting passwords. It not only supports XP, 2000, and NT, I have personally tested it with Vista Home Premium and Ultimate. It works perfectly to reset any local user account to a blank password.
Just an easy to use bootable CD/DVD . It can also be used on a USB Flash Drive. http://www.lostwindowspassword.com/
May 19th, 2010 at 5:28 am
thanks—-excellent tool