DISCLAIMER

DISCLAIMER: Information on this blog is for educational purposes only. I am not and cannot be held liable for the misuse of information gathered from this blog.

Friday, October 14, 2011

BREAKING THE ADMINISTRATOR ACCOUNT PASSWORD WITHOUT KNOWING THE PRESENT ONE


This post shows you how to break (change) the Administrator account password without knowing the current one.  The previous post elaborated on the reasons that could warrant the changing of the Administrator account password.  Beware! The same procedure can be used to change any account’s password.  Therefore be sure to implement security in-depth to guard against victimization.
I prefer the Command Line Interface (CLI) and we will be using Disk Operating System (DOS) for this lesson.

STEPS
1.  Start a DOS application by clicking on the Start menu, click on Run, type cmd in the combo box
     as shown by Figure 1.0 below.  Click the OK button.  A DOS application Window is now opened.   

Figure 1.0  The Run Dialog Box
2.  To see all the user accounts on your PC, type the following command and press the Enter key 

                 net user

     This command shows user accounts like the Administrator, Guest, Jack, RootUser, WebUser,
     etc. as shown in Figure 2.0 below.

Figure 2.0  DOS Window Displaying User Accounts
3.  It is possible to get detailed information on a particular account.  Information as to whether the
     account is active, whether a password is required to log in, when the password was last set and
     when it will expire, the local group to which the account belongs, etc.

     To view this information, type the command net user AccountNname where AccountName
     is the account on which you want to view the information.   For instance, to view information
     on the Administrator account, type the following command and press the Enter key;

                 net user Administrator

     Information on the Administrator account is displayed as shown in Figure 3.0

Figure 3.0  Account Detailed Information
 4.  To finally break the password for a particular account, this is the command to use -
      net user AccountName *.  Make sure you leave a space between the account name and the
      asterisk symbol.  For example, this is how to break the password for the Administrator account
      using the command line as shown in Figure 4.0 below; 

                     net user Administrator *

      After pressing the Enter key, you are prompted to type a password for the user.  Note that
      when you are typing the password, nothing appears.  Press the Enter key after you have finished
      the typing.  You are prompted again to retype the password to ensure that you have not
      fat-fingered when  you were typing.

Figure 4.0  Breaking The Password

Voila!  That’s how simple it is to break a user account's password without know the current one.
Posted by at

4 comments:

  1. AnonymousOctober 16, 2011 at 7:14 AM

    Thanks my brother for the education.

    How then can one protect his account information or does this mean there is no "security" after all?

    Regards

    ephraim

    ReplyDelete
  2. AnonymousOctober 17, 2011 at 10:02 AM

    it does not work when you are using a limited account. Is there any other way to get it done?

    ReplyDelete
  3. Master robOctober 17, 2011 at 11:57 AM

    it works only when using administrator account.

    ReplyDelete
  4. Gbordzor EmmanuelOctober 20, 2011 at 8:54 AM

    Which operating system are you using? Also, are you trying this in a domain environment or on a standalone pc.

    ReplyDelete

Subscribe to: Post Comments (Atom)