How to Reset Windows Password Using Ubuntu - chntpw

Here is how to reset a Windows password (XP, Vista, Windows 7) using Ubuntu and chntpw.

There are two ways to get Ubuntu for this. First, your computer or laptop may already have Ubuntu installed alongside Windows (dual boot), in which case you can install the chntpw package directly. Second, if you are not dual-booting Windows and Ubuntu, you can download Ubuntu and create a bootable Ubuntu USB flash drive (live Ubuntu from a flash drive). One more thing: you need an internet connection to install the package with the apt-get install command :) .

Now let's start resetting the Windows password using Ubuntu and chntpw.


1. Install the chntpw package.


root@spydeeyk-r00m:~# apt-get install chntpw
Reading package lists... Done
Building dependency tree      
Reading state information... Done
The following NEW packages will be installed:
  chntpw
0 upgraded, 1 newly installed, 0 to remove and 297 not upgraded.
Need to get 54.2kB of archives.
After this operation, 143kB of additional disk space will be used.
Get:1 http://kambing.ui.edu/ubuntu/ lucid/universe chntpw 0.99.5-0+nmu1 [54.2kB]
Fetched 54.2kB in 1s (40.0kB/s)
Selecting previously deselected package chntpw.
(Reading database ... 289877 files and directories currently installed.)
Unpacking chntpw (from .../chntpw_0.99.5-0+nmu1_i386.deb) ...
Processing triggers for man-db ...
Setting up chntpw (0.99.5-0+nmu1) ...
root@spydeeyk-r00m:~#

2. The important Windows file that holds user and password data is the SAM file, so we change to the directory where the SAM file is stored. On my Windows installation it is at:

root@spydeeyk-r00m:~# cd /media/6CCC15DCCC15A0FE/Windows/System32/config/

You need to mount your Windows partition first if it is not mounted yet.

3. Now we start using chntpw. Here are some commands that can be run:

View the help:

root@spydeeyk-r00m:/media/6CCC15DCCC15A0FE/Windows/System32/config# chntpw --help
chntpw version 0.99.5 070923 (decade), (c) Petter N Hagen
chntpw: invalid option -- '-'
chntpw: change password of a user in a NT/2k/XP/2k3/Vista SAM file, or invoke registry editor.
chntpw [OPTIONS] [systemfile] [securityfile] [otherreghive] [...]
 -h          This message
 -u <user>   Username to change, Administrator is default
 -l          list all users in SAM file
 -i          Interactive. List users (as -l) then ask for username to change
 -e          Registry editor. Now with full write support!
 -d          Enter buffer debugger instead (hex editor),
 -t          Trace. Show hexdump of structs/segments. (deprecated debug function)
 -v          Be a little more verbose (for debuging)
 -L          Write names of changed files to /tmp/changed
 -N          No allocation mode. Only (old style) same length overwrites possible
See readme file on how to get to the registry files, and what they are.
Source/binary freely distributable under GPL v2 license. See README for details.
NOTE: This program is somewhat hackish! You are on your own!

Editing/resetting the Windows password:

root@spydeeyk-r00m:/media/6CCC15DCCC15A0FE/Windows/System32/config# chntpw -i sam
chntpw version 0.99.5 070923 (decade), (c) Petter N Hagen
Hive name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c
Page at 0x19000 is not 'hbin', assuming file contains garbage at end
File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)
Used for data: 298/88680 blocks/bytes, unused: 11/9368 blocks/bytes.


* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length        : 0
Password history count         : 0

<>========<> chntpw Main Interactive Menu <>========<>

Loaded hives:

  1 - Edit user data and passwords
  2 - Syskey status & change
  3 - RecoveryConsole settings
      - - -
  9 - Registry editor, now with full write support!
  q - Quit (you will be asked if there is something to save)


What to do? [1] -> 1
===== chntpw Edit User Info & Passwords ====

| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator                  | ADMIN  | dis/lock |
| 01f5 | Guest                          |        | dis/lock |
| 03ed | HomeGroupUser$                 |        | dis/lock |
| 03eb | others                         |        | dis/lock |
| 03e8 | spydeeyk                       | ADMIN  | dis/lock |

Select: ! - quit, . - list users, 0x - User with RID (hex)
or simply enter the username to change: [Administrator] spydeeyk

RID     : 1000 [03e8]
Username: spydeeyk
fullname:
comment :
homedir :

User is member of 1 groups:
00000220 = Administrators (which has 2 members)

Account bits: 0x0214 =
[ ] Disabled        | [ ] Homedir req.    | [X] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     |
[ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   |
[X] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  |
[ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  |

Failed login count: 11, while max tries is: 0
Total  login count: 804

- - - - User Edit Menu:
 1 - Clear (blank) user password
 2 - Edit (set new) user password (careful with this on XP or Vista)
 3 - Promote user (make user an administrator)
 4 - Unlock and enable user account [probably locked now]
 q - Quit editing user, back to user select
Select: [q] > 2
New Password: test123
Password changed!


Select: ! - quit, . - list users, 0x - User with RID (hex)
or simply enter the username to change: [Administrator] !


<>========<> chntpw Main Interactive Menu <>========<>

Loaded hives:

  1 - Edit user data and passwords
  2 - Syskey status & change
  3 - RecoveryConsole settings
      - - -
  9 - Registry editor, now with full write support!
  q - Quit (you will be asked if there is something to save)


What to do? [1] -> q

Hives that have changed:
 #  Name
 0 
Write hive files? (y/n) [n] : y
 0  - OK
root@spydeeyk-r00m:/media/6CCC15DCCC15A0FE/Windows/System32/config# 

Yup, that's all..

Some things to keep in mind
1. Check whether the user is locked; unlock the user if it is.
2. In the test I ran on Windows 7, editing the user password did not work, but making the password blank (no password for Windows login) did work. So it is enough to blank the password of an administrator-level user, then log in as that admin user with the blank password and change the password afterwards.
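
The procedure above writes straight into the SAM hive, and chntpw's own help text warns that the tool is "somewhat hackish", so it is worth copying the hive aside before step 3 and keeping a way to put it back. The shell functions below are an added example, not part of the original post; the names find_sam, backup_sam and restore_sam and the backup directory are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): back up the SAM hive before
# chntpw writes to it, and restore it if the edit goes wrong.
# Function names and the backup directory are assumptions for this example.

# Locate the SAM hive under a mounted Windows partition. NTFS names are
# case-insensitive (Windows/System32/config/SAM vs. .../config/sam), so
# match the path without regard to case.
find_sam() {
    find "$1" -maxdepth 4 -type f \
        -ipath '*/windows/system32/config/sam' 2>/dev/null | head -n 1
}

# Copy the hive to a timestamped file and confirm the copy is byte-identical.
# Prints the backup path on success; fails without touching the hive otherwise.
backup_sam() {
    mnt=$1; dest=$2
    sam=$(find_sam "$mnt")
    [ -n "$sam" ] || {
        echo "SAM hive not found under $mnt (is the partition mounted?)" >&2
        return 1
    }
    mkdir -p "$dest" || return 1
    bak="$dest/SAM.$(date +%Y%m%d-%H%M%S).bak"
    cp -p -- "$sam" "$bak" || return 1
    cmp -s "$sam" "$bak" || {
        echo "backup differs from source, removing it" >&2
        rm -f -- "$bak"
        return 1
    }
    chmod 600 "$bak"   # the hive holds password hashes; keep the copy private
    echo "$bak"
}

# Put a backup back in place, e.g. if Windows no longer accepts the login
# after the edit. Succeeds only if the restored hive matches the backup.
restore_sam() {
    mnt=$1; bak=$2
    sam=$(find_sam "$mnt")
    [ -n "$sam" ] && [ -f "$bak" ] || return 1
    cp -- "$bak" "$sam" && cmp -s "$sam" "$bak"
}

# Usage with the mount point shown in this post (run before "chntpw -i sam"):
#   backup_sam /media/6CCC15DCCC15A0FE "$HOME/sam-backups"
```

Run restore_sam from the same Ubuntu session, passing the path that backup_sam printed.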

Have fun trying it out.
