Breaking Windows 2000/2003/XP/Vista Administrator Password

Going by my word posting here about a simple tool which will break Windows 2000/XP/2003’s Administrator account’s password.

Before starting, for newbies…

Windows NT 5.0 = Windows 2000 (all edition)
Windows NT 5.1 = Windows XP (all edition)
Windows NT 5.2 = Windows 2003 (all edition)

So throughout this post I will refer our target as Windows NT 5.x (as following content are equally applicable to all Windows NT 5.x OS family).

So lets start the fun…
You will be surprised to know that you can break into any Windows NT 5.x system without any software tool 80% of the time! For rest you need a software like below!

First lets get to 80% of the vulnerable system….

In Windows NT 5.x, you can create any no. of user with different names, privileges and optionally password.
One such account with highest privilege level, with user name “Administrator” is setup by default.

At the time of installation Windows NT 5.x prompts for password but many systems are setup by vendors and other person. The end-user of this system is different than one who installed it. These lazy people are always in hurry and often left this password as blank.

The irony comes next. In final step of installation you create an account with mostly your first name. Lock it with password(optionally) and start using the system. Now on welcome screen you see account(s) with different name. But have you never see this default “administrator” account unless you boot in “safe mode”.

Now if you can’t see “administrator” account on screen (as with Windows XP login default screen), just pressย  “CTRL+ALT+DEL” and it will change login “screen” to login “box” where you can type “administrator” as user name! This is what works 80% of the time.

Now for rest of the 20% system….
There are literally more than 100’s of tool available on Internet and the tool I use is a small Live-CD named ntpasswd created by pnordahl. I got it from my hacker friend Surun.
Burn this ISO on a CD. Its bootable image of approx 2.7 MB.

It has Linux OS with text-mode only. No Linux Knowledge Require here to use this disk. ๐Ÿ˜‰

After booting from CD. A menu driven program will start with options and their description at each level.
READ EVERYTHING BEFORE GOING AHEAD as one mistake may make the target machine unusable.

One mistake may crash the system to the reinstallation phase! So test it first on systems from college, office, etc! ๐Ÿ˜‰

It worked 100% of the time….
As its 3.03 MB (after extracting) you can burn it on a mini-CD and keep it in your wallet all the time, so can roam around having master key to all systems having Windows NT 5.x family OS!

Link: ntpasswd by pnordahl

New comments are closed on this post!ย Try out our Support Forums.

54 Replies to “Breaking Windows 2000/2003/XP/Vista Administrator Password”

  1. Make a bootable with that iso using nero or any other cd writin software!
    jus boot with that bootable cd!
    at this stage u may need to change ur BIOS configuration!

    After successfully booting fron CD, u’ll be taken to menu driven program!
    jus select write things n try diff. (few) combination!

    it works 100% bt dnt try it on ur PC directly if u hv some imp data on it!

  2. hi
    this looks interesting but the next step of how to use winpass.rar is missing. plz let us know bout it..esp. me.. i need it badly..
    my email id is:techomech@gmail.com
    looking forward to it.

  3. @Techy
    Just boot from CD (burnt with winpass.iso).
    You will get a simple program asking you trivial question like Windows installation drive, new password, etc!

    Th program at each stage gives you a lot of help about various answers & options!

    If you stuck somewhere, I am here!

    Just be patience & enjoi!!! ๐Ÿ™‚

  4. I tried with DELL D630 Laptop
    OS: Windows XP pro

    After booting …it shows
    “Please select partition by number or
    a = show all partiotions, D = Automatically load new disk drivers ….

    I have seleted the “a”….
    but nothing showing …it showing above options once again…..

    finally…i couldnt chage my laptop admin password….

    1. @Just
      Did you tried another option – to press D.
      The menu comes when the program in disc fails to locate your hard-drive time.
      Technically it uses old linux kernel which may not be compatible with new hardwares.
      If you have knowledge of hardware/linux, the you may try to load hard-disk driver manually. But DO IT ON YOUR RISK as it may damage the whole system.

  5. I downloaded the winpass.rar and unpacked it. In it there was another rar file. After unpacking, it revealed somefiles with funny names like ascii characters. I bunred that to CD but it didnt BOOT. Now what.

    1. @Sheraz
      In winpass.rar there is a ISO file. It seems ISO files are by default associated with winrar application on your system.
      You need to use Nero like software to burn ISO file so as to make bootable CD.
      Here you seem to create a Data CD. It won’t work… ๐Ÿ™

  6. plz rahul could u send me the link for downloadin the zip file coz i downloaded it but it’s comin with .txt
    so wat to do in this case or plz forward me that file to ma email
    thankin youuuuuuuu

  7. Hi,
    Does this work on Xp SP3? I wrote a small “OS” in ASM and C++, that did the same, but that stopped working with SP3.I never made that public as I feared script kiddies misusing it.
    Hint 1: Basically, there are certain commercial apps available, which infact are even supported by Micro$oft!!
    Hint 2: Recovering or resetting the Xp password involves a kernel specific file,which cannot be modified unless you have full Ring0 mode(protected mode).
    These two hints and google will help anyone who wants to break XP password for any user.But yea, with SP3 there are certain changes, which I have not looked into.

  8. sir i m student of engineering can u tell me when we r starting windows xp nd there is some administrator passwrd there how i can break it can u any suggestion please i m waiting ur raply sir

  9. The above method is neat, its a little “compressed-password-breaking Linux” kinda. The elite way of doing that could be using BackTrack , Backtrack is special version of Slackware Linux, custom built for security purposes.
    A Black hat can use Backtrack to compromise the windows security all the way ๐Ÿ˜‰
    give it a shot !

  10. I have two operating system 1. windows xp
    2. Linux

    Somebody changed the password the windows administrator password but i dont have any users also plz kindly message as it possible as soon.

  11. I have lost my administrator password and i can’t able to login my system also i have no any other user to login, How can i break my administrator password,

    Can give my please….. name any software or any easy stape to break my adminstrator password.

    thanks
    subodh sahu

  12. I have lost my administrator password and i canโ€™t able to login my system also i have no any other user to login, How can i break my administrator password,

    Can give my pleaseโ€ฆ.. name any software or any easy step to break my administrator password.

  13. very good!
    BTW, there is another good solution
    I have purchased Windows Password Recovery Tool .
    it not only supports XP, 2000, and NT, I have personally tested it with Vista Home Premium and Ultimate. It works perfectly to reset any local user account to a blank password. I Wrote it to an old 128mb USB flash drive do this. Booting up and clearing a password takes a minute or two works like a charm.

  14. I forgot my windows vista administrator password? And I want to recover it back or break the password down, because vista is restricting me to access some folders and files on my PC, which I have locked before.

    Please help me out of this problem.

  15. i went tru the article and a very usefull article , but i am disappointed with the Guys who are tying to implement this ,rahul really appreciate your effort and patience .. Guys who are gogin tru this article, please google it for How to Burn an ISO . and i would nto recomend using this with no knowledge on How to BUrn a ISo image .. i would say its not worth the effort ..

    regards,
    Muja ..

    Keep it comign Kidos…

  16. frnd
    I forgot my window vista administrator passward.plz tell me how can i break this passward without damging data .Plz send me software by which i can break passward. My email id is vsihag@yahoo.com

  17. here we go yet again !! i Guess people become too lazy , i say internet made us lazy .. infact made few of them too lazy we have some nice article written above my frined vikram .. no one nt even the monopoly master b.Gates can Help u with wat u are asking with a guarentee fr ya data .. now if u really want to try please read tru the article or google it

    Thanks / bt no offense bt i find it anoying wen you got some ready info in front of you and rather than trying it out tey would preffer spoon feeding..

    @ vikram :Live-CD named ntpasswd created by pnordahl
    i haven tried , try @ own risk .. no guarentee 4 ya data afterall its windows.

    MJ

  18. Last month , i lost my windows administrator password. Eventually , I solved my problem with the

    help of windows password key. It works perfectly to reset any local user account to a blank

    password. Just an easy to use bootable CD/DVD . It can also be used on a USB Flash Drive. You

    can download it from: http://www.lostwindowspassword.com/.

  19. Hi

    Let me start wid d problem,in my office i m not able to use dis trick as dey have removed cdrom drive,i cant accses pen drive too cz admin had blocked ports also,can u tell me any trick by which i can brk admin password and use my pen drive

    thanks

  20. Boot from windows cd
    At 34 mins of installation press shift+F10
    type nusrmgr.cpl
    Select account and change password,

  21. My problem is a little different from the ones that are mentioned here so far. Let me Explain:
    I am using Windows 7 (32 bit) and have installed the Windows Virtual Machine. Inside that virtual machine, I have installed XP. I have another virtual disk(.vhd file) that contains Windows Server 2003, is sitting on the C: drive of Windows 7. I have created a connection to this Virtual Disk from the Virtual Machine that I have mentioned before. So now, when I open the Windows Virtual Machine, I see two icons – one for the XP and one for the Windows Server 2003. When I try to open and login to the Windows 2003 Server, it asks for an Administrator’s password which I forgot. I did not set up any other user for this environment. Now, any ideas from anybody about how do I sove this problem?

    To put it bluntly, I need to break in to this system but haven’t have any luck yet. Any help with this will be greatly appriciated.

    Regards,
    –Ahsan.

    1. press twice alt+ctrl+del when u were asked to enter your user name and password.give user name as “ADMINISTRATOR” and password as “NO”. all are in capital letters.

    2. i forget window 2000 administrator password.please tell me how i break password without internet

  22. I have locked out of my computer for a while,and have tried everything i could do but failed.Until I found this great tool – Reset Windows Password 1.3 boot CD as recommend .It works great,Such a marvellous and useful tool.

  23. The best solution I found was to use the Windows Password Reset Kit, it got me in seamlessly and there were absolutely no problems.

  24. dude i tell u a much simpler way,for resetting password,restart computer press F8 it will open up a window just select safe mode.a log on screen will appear in which an additional administrator account will appear u can logon to this account without password.after entering in this account u can easily remove password of ur main account without knowing ur original password.

  25. Windows Password Key

    Saved me today. After many hours of installing and tweaking a brand new PC, something went wrong. I was not able to log into the only Administrator account I had, once the machine had been rebooted.

    I burned Windows Password Key to usb, followed the onscreen prompts and in a few minutes was back in the machine.

    What a lifesaver!

    It will become a permanent part of my toolset for fixing Winndows password problems.

    http://download.cnet.com/Windows-Password-Key/3000-2092_4-11166455.html

  26. A few days ago, I lost my windows vista administrator password. I solved my problem with the help of windows password seeker. Not only support Windows Vista, but also compatible with Windows 7, I tested it on my laptop installed with Windows 7 and remove the local user and admin accounts password successfully. Itโ€™s worth trying. You can download it from: http://www.passwordseeker.com

  27. Thanks a ton, i was one of those 80% who was breaking my head since a week and got the solution in a second. for those who are visitors here, at the login screen i pressed control+alt+del and gave the username as ADMINISTRATOR and enter, and voila i was able to login and change my password.

Comments are closed.