Monday, 10 June 2013

Hack admin account in XP, Vista, Windows 7 and Mac - Complete beginners guide!!

1. Hack administrator account in XP OS – Using just the command prompt is one of the easiest ways (no programs need to be installed).
• Start the computer in safe mode by pressing the ‘F8’ key (in XP, safe mode does not require a password unless one is set)
• Now open command prompt: Start>Run>cmd
• Once you are in command prompt, type in the following command to finally change the administrator password:
net user (this command will show you the list of users on your computer)
net user Administrator (this command will show you information about the administrator account, such as when the account was created and whether it has a password or not)
net user Administrator * (this command will show a prompt that says “Type a password for the user:” This is the place where you enter your password. Remember that when you type your password, you won’t be able to see the characters; you will just see the blinker. After you finish typing your password you will see another prompt which says “Retype the password to confirm:” Now type in the same password again and you will see “The command completed successfully.”)
• Finally, you have changed the administrator password using command prompt.
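
From the defender's side, a reset like the one in this step leaves a trace when account-management auditing is enabled: the Security log records event 628 on XP (4724 on Vista and later) for a password reset. The following is an added example, not part of the original post; it scans constructed sample records (the key=value layout and field names are assumptions) for resets that target the built-in Administrator account, identified by RID 500 even when the account has been renamed.

```python
import re

RESET_EVENT_IDS = {628, 4724}   # password reset: XP/2003 id, Vista and later id
BUILTIN_ADMIN_RID = 500         # RID of the built-in Administrator, even if renamed

# Constructed sample records (not real log data); the key=value layout is an
# assumption standing in for whatever your log exporter produces.
SAMPLE_LOG = """\
2013-06-10T09:01:10 EventID=4723 SubjectSid=S-1-5-21-111-222-333-1003 TargetSid=S-1-5-21-111-222-333-1003 TargetName=alice
2013-06-10T09:12:44 EventID=4724 SubjectSid=S-1-5-21-111-222-333-500 TargetSid=S-1-5-21-111-222-333-500 TargetName=Administrator
2013-06-10T09:30:02 EventID=4724 SubjectSid=S-1-5-21-111-222-333-1004 TargetSid=S-1-5-21-111-222-333-1003 TargetName=alice
2013-06-10T10:05:19 EventID=628 SubjectSid=S-1-5-21-111-222-333-1003 TargetSid=S-1-5-21-111-222-333-500 TargetName=itsupport
"""

FIELD = re.compile(r"(\w+)=(\S+)")

def parse_line(line):
    """Split one record into its timestamp and key=value fields."""
    timestamp, _, rest = line.partition(" ")
    fields = dict(FIELD.findall(rest))
    fields["Time"] = timestamp
    return fields

def rid(sid):
    """Return the relative identifier (last sub-authority) of a SID, or None."""
    tail = sid.rsplit("-", 1)[-1]
    return int(tail) if tail.isdigit() else None

def find_admin_resets(log_text):
    """Return password-reset events whose target is the built-in Administrator."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        if int(ev.get("EventID", 0)) not in RESET_EVENT_IDS:
            continue                      # 4723 (user changed own password) is ignored
        if rid(ev.get("TargetSid", "")) != BUILTIN_ADMIN_RID:
            continue                      # resets of ordinary accounts are ignored
        findings.append({
            "time": ev["Time"],
            "target": ev.get("TargetName", "?"),
            "renamed": ev.get("TargetName", "").lower() != "administrator",
            "self_reset": ev.get("SubjectSid") == ev.get("TargetSid"),
        })
    return findings

if __name__ == "__main__":
    for finding in find_admin_resets(SAMPLE_LOG):
        print(finding)
```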

2. In case the safe mode in XP OS is protected with a password – Using a live CD of a program called Ophcrack. Ophcrack uses rainbow tables to crack passwords from LM and NTLM hashes. The system stores passwords by converting them into their hashes, which are like a code, so that even if someone finds them it will be tough for that person, because the hashes have to be changed back into real characters, and that’s what a rainbow table does. A rainbow table holds a large number of passwords along with their respective hashes. That is how Ophcrack works. Anyway, if you don’t care, just move on and follow the steps below.
• Download Ophcrack XP LiveCD from here: http://ophcrack.sourceforge.net/download...ype=livecd
• After you finish downloading, you need to burn the downloaded file to a CD using an .iso burner, for which you need to download a burning program; get it from here:
http://www.freeisoburner.com/
• Now once your Ophcrack disc is ready, insert it into the target computer and restart the computer. Since Ophcrack is bootable, it will load itself. Now you will see this screen:
• After you see the above screen, press enter (the selection is on ‘Ophcrack Graphic mode - automatic’)
• Wait until Ophcrack loads up as it tries to find the hashes.
• Finally, you will see the Ophcrack screen as below:
• Now, just leave it until Ophcrack lists all the users’ passwords, including Administrator’s, in the ‘NT Pwd’ column. An account shown as empty does not have a password. It only cracks passwords up to 14 characters long.
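
Added example, not part of the original post: the 14-character figure matches the LM scheme, which upper-cases the password, pads it to 14 characters and hashes the two 7-character halves separately. The code below shows that view of a few constructed passwords and the resulting upper bound on guesses compared with the NT hash; the function names and sample passwords are assumptions made for illustration, and input is assumed to be printable ASCII.

```python
LM_MAX_LEN = 14
LM_SYMBOLS = 26 + 10 + 33   # A-Z, 0-9, space and punctuation once lower case is folded away
ASCII_SYMBOLS = 95          # printable ASCII with case preserved (what the NT hash sees)

def lm_view(password):
    """Return the two 7-character halves LM hashes independently, or None
    when the password is too long for an LM hash to exist at all."""
    if len(password) > LM_MAX_LEN:
        return None
    padded = password.upper().ljust(LM_MAX_LEN, "\0")
    return padded[:7], padded[7:]

def search_space(password):
    """Upper bound on guesses: LM treats each half separately, NT the whole string."""
    nt = ASCII_SYMBOLS ** len(password)
    halves = lm_view(password)
    if halves is None:
        return {"lm": None, "nt": nt}
    # The halves are attacked independently, so their costs add instead of multiplying.
    lm = sum(LM_SYMBOLS ** len(h.rstrip("\0")) for h in halves)
    return {"lm": lm, "nt": nt}

def audit(passwords):
    """Report, per candidate password, what an LM hash would give away."""
    report = []
    for pw in passwords:
        halves = lm_view(pw)
        space = search_space(pw)
        report.append({
            "length": len(pw),
            "lm_hash_possible": halves is not None,
            "case_lost": halves is not None and pw != pw.upper(),
            "short_second_half": halves is not None and halves[1].strip("\0") == "",
            "nt_to_lm_ratio": None if space["lm"] is None else space["nt"] / space["lm"],
        })
    return report

# Constructed sample passwords, used only to exercise the functions.
CONSTRUCTED = ["Summer13", "CorrectHorse14", "correct horse battery"]

if __name__ == "__main__":
    for row in audit(CONSTRUCTED):
        print(row)
```

Passwords of 15 or more characters have no LM hash at all. Windows Vista and later do not store LM hashes by default, and on XP the NoLMHash policy setting turns storage off at the next password change.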

3. In case the Ophcrack LiveCD does not work for you – Using a live CD of another program called Trinity Rescue (this is my favorite tool). However, this tool does not recover the password like Ophcrack does; instead, it will change any password.
• Download Trinity Rescue Kit from here:
http://trinityhome.org/Home/index.php?fr...=12&wpid=5
• Once you finish downloading, you need to burn it to a CD, for which you repeat the same thing as we discussed above for Ophcrack. Download an .iso burner to burn the file to a CD from here:
http://www.freeisoburner.com/
• After your Trinity Rescue disc is ready, insert it into the target computer and restart. Again, it will load itself and you will see the screen shown below:

• After you see the above screen press enter and leave it until you see the screen below

• Now, once you see the above screen, you will also notice a blinker, [root@trk]:(~)# _, which lets you enter commands. Now type in winpass and you will see the screen below:
• After you see the above screen, type 1 and press enter so that it pulls out the information on the users of that computer, which is very important for seeing whether some other user is an admin or not. This will let you figure out which user account you should crack, according to your choice.
• Now, say you want to hack the admin account. Type in winpass -u Administrator and you will see the same screen as above. Press 1 and enter again and leave it until you see a numbered list of different actions.
• After you see this list, select the number according to your choice and press enter. Say you want to clear the admin password; then type 1 and press enter. Now leave it until you see the blinker with [root@trk]:(~)# _ again. Once you see this, type init 0 and it will shut down Trinity Rescue and restart your computer. Also, remove the Trinity Rescue disc from your computer. Now, you will see two accounts on your login page. One is the administrator and the other is the current user. If you click on administrator, it will open without asking for any password. I would highly recommend that beginners use Trinity Rescue Kit as it hits the target for sure. Ophcrack is good but it does not guarantee that it will crack the password.

4. Hack administrator account in XP OS – Using a live CD of Backtrack 4 (it works like Trinity Rescue, as it removes the password of any account)
• Download Backtrack 4 from here:
http://www.backtrack-linux.org/downloads/
• After you finish downloading, you need to burn the downloaded file to a CD using an .iso burner, for which you need to download a burning program; get it from here:
http://www.freeisoburner.com/
• Now, once your Backtrack 4 live CD is ready, insert it into the target computer and restart. Backtrack 4 will load itself and you will see the screen below:


• Now, we will use a program called ‘Chntpw’ from Backtrack 4. You can find it by clicking Backtrack Start menu>Backtrack>Privilege Escalation>Password Attacks>Chntpw, as shown below:
• After you open Chntpw, you will get a screen which shows you the information about Chntpw and also a blinker, root@bt:~#, which lets you enter a command. Now you need to type in a command that gives the location of the SAM file (where the passwords of the system are stored). The location of the SAM file varies, but usually it is inside the ‘config’ folder of System32. Now type in this command:
chntpw -i /mnt/hda1/windows/System32/config/SAM
• After you finish typing the above command you will see a screen with a numbered list of options and a blinker that lets you enter the number of the action you wish to perform, as seen below:
• Ok, so number 1 lets you edit user data and passwords, so enter 1. Now, you will see the list of users on that computer. Type in Administrator, or whichever you want, and then press enter. You will again see a numbered list with different options.
• If you wish to clear the user password, then enter 1, or if you wish to perform a different action on the account then enter a different number. Now, simply restart the computer and log in to any account you want.

5. Hack administrator account in Vista OS – Using command prompt
• The main problem in Vista with using the command prompt to hack the admin account is that you have to be logged in as admin, and that’s what we are trying to do. So, this method is useless for Vista. But the process to change the admin password is the same as we did for XP above, using the same command.

6. Hack administrator account in Vista OS – Using Ophcrack
• It’s exactly the same process as we did above for XP OS, but you should download the live CD for Vista OS, as they have two live CDs in the link: one is for XP OS and one is for Vista OS. Again, follow the same step number 2 above, using the same link, burning the CD and everything.

7. Hack administrator account in Vista OS and Windows 7 OS – Using Trinity Rescue
• Again, it is exactly the same for XP, Vista OS and Windows 7 OS. Therefore, follow step number 3 above; unlike with Ophcrack, you don’t have to make a separate live CD of Trinity Rescue for XP, Vista and Windows 7. The same live CD will work for all three.

8. Hack administrator account in Vista OS – Using Backtrack 4
• Same as in step number 4: download the same file and follow all the same steps.

9. Create an admin account in Mac (without the installation of any programs): I have shown different methods to change the Administrator password for PCs using Windows OS; I will also include a brief tutorial on how to become an administrator, or how to create an admin account, on Mac computers.
• First reboot your Mac. Then hold the Apple logo + S on startup. After this, you will be taken to the root screen with a blinker :/ root# where you can input commands to create an admin account.
• Now type in the following command:
mount -uw / (remember that there is a space after mount and before slash)
rm /var/db/ .Applesetupdone (space after rm and the last slash)
reboot
• Now when your Mac restarts it will ask you to set up everything from the very beginning, like your wifi, username and other stuff. Now, you have all the rights of an administrator.

Thank you! I hope this tutorial will help.


