Lost your Windows 7/Vista/XP password and cannot log in to your machine? If you have a rescue disk, you should be okay. If not, you might have to turn to BackTrack Linux for help.
Microsoft stores the password hashes of Windows user accounts in the registry hive c:\windows\system32\config\sam. This file is highly protected and not accessible while Windows is running even for the administrator user. To circumvent the protection and access the SAM file, we need to boot from a Live CD such as BackTrack so we can hack Windows password in the SAM registry file.
The method that I describe in this tutorial can works with any computer running Windows 7/Vista/XP system. To get started, you need to download a live edition of BackTrack Linux distribution and burn that ISO image to a CD (you could also burn BackTrack on a USB drive). Either way, you will need to boot in to Linux to hack your forgotten Windows 7/Vista/XP password.
How to Hack Windows 7/Vista/XP Password Using BackTrack?
- First of all boot your target computer using BackTrack Live CD or USB drive.
- Once Backtrack is booted, log in to the root user account using the default password: toor. Type in startx to start the GUI.
- Now go for Application > Privilege Escalation > Password Attacks > Offline Attack > chntpw.
- Identify and mount your Windows partition in read/write mode using below commands:
umount /mnt/hda1
modprobe fuse
ntfsmount /dev/hda1 /mnt/hda1
If your hard disk is SATA type then you need to use /sda1 instead of /hda1 in the above steps. - To list out all the users in the Windows SAM registry hive:
./chntpw -l /mnt/hda1/windows/system32/config/SAM
- To reset the password for any specific user:
./chntpw -u username /mnt/hda1/windows/system32/config/SAM
BackTrack is widely used by most tech-savvy Linux users to hack Windows login password. But if you don’t have much experience with Linux, it’s better to use another software to hack Windows 7/Vista/XP password – Reset Windows Password, which is a Live disk based on Windows PE operating system and makes it much easier for average computer users to hack Windows password on their own.