November 14, 2017 Views: 2.5k
Have a physical access to a computer but don't know the password to get into. Well this is not a big problem to overcome if you have a Kali Linux burned on a USB stick. You can follow my previous post if you have't done that yet.
The first thing to do is to boot up the computer or PC with our USB stick incerted and navigate to the boot menu usually by pressing the F9 or F12 key.
Now select the option to boot from USB by using the navigation keys and press enter.
We will be presented with the Kali Linux boot menu, here we will just select the option to go Live again by using the navigation keys.
Kali Linux will take 2 to 3 minutes to load and will land us to the Desktop. Now we just launch the Files application from the Kali Linux Desktop menu and we are almost done. Select the Other Locations option and it will load all the drives that are present in the Hard Disk and we just have to mount them by clicking on the desired drive. So by now you might have woundered that we already are inside the PC and can perform any action we want modify, delete, copy, etc.
So what else we can do, how about changing the administrator password of the Windows itself. We cannot directly see whats the password as it is converted to hash and then stored by Windows. We know that Windows store the password in the directory C:/Windows/System32/config/ in a SAM file. So first navigate to the directory.
Kali Linux provide us with chntpw which is a powerfull application build to modify the SAM file. Now to do that we open up a terminal in the config folder by right clicking and select open a terminal. Then just run the command chntpw -l SAM
The command will tell the chntpw to list all the users in the SAM file. Next we have to select the user we want to modify here we are just selecting the administrator by using the command chntpw -u Administrator SAM
As you can see we have options to Clear which is the option you should use as it clears the password from the SAM file. So select 1 and press enter in just few seconds it will clear the password. Now just exit the terminal and shut down the Kali Linux and remove the USB stick and power up the computer and gess what you won't require any password to login to Windows. You are the Administrator!