ComputerSecurityStudent (CSS)





( Password Clearing: Clearing out any Windows password )

{ The Offline Windows Password & Bootdisk }


Background Information
  • Background
    • The Offline Windows Password & Bootdisk / CD works with Windows versions from Windows NT to Windows 7.
    • For the purposes of this lab, we are pretending that you are locked out of the administrator, instructor and student accounts.

     


 

Prerequisite
  1. Login to a Windows machine that is connected to a USB drive.
    • For my students, it would be your lab or personal machine.
    • For those of you that do not have access to my class, you can download the file to your hard drive, flash drive or burn it to a CD/DVD.

     

  2. On the Windows machine that is connected to the USB drive, go to http://www.pogostick.net/~pnh/ntpasswd/
    • Click on the Bootdisk Button.
    • Scroll down and click on cd110511.zip.

     

  3. Saving the file
    • Navigate to your USB drive, flash drive or hard drive.
    • In my case, I am putting the file in the following location on my USB drive:
      • D:\Recover Password\
      • Click Save.

     

  4. Extracting the file
    • Open Windows Explorer.
    • Navigate to the location where you saved the file.
      • In my case, D:\Recover Password\
    • Click on Extract to cd110511.

     

  5. Check to make sure the file was extracted
    • In my case, I am verifying that the file was extracted to D:\Recover Password\cd110511\

 

Section 1: Set up Instructor VM to boot cd110511

 

  1. Start up your VMware Player
    • Go to File --> Open a Virtual Machine

     

  2. Select your Instructor VM.

     

  3. Edit Virtual Machine Settings

     

  4. Highlight CD/DVD (IDE)
    • Note: We will tell your VM Image to boot from the ISO password utility.

     

  5. Setting the location of the ISO file
    • Click the Use ISO image file radio button.
    • Browse to where the file cd110511.iso is located.
      • In my case, D:\Recover Password\cd110511\cd110511.iso.
    • Click OK after you select the ISO.

     

 

Section 2: How to boot the Instructor VM into the ISO Image
  1. Start your virtual machine
    • Proceed quickly to the next step.

     

  2. Booting from the ISO
    • At the same time, click the right mouse button and press the ESC key when the screen starts to change to the VMware screen.
    • Note: This might take you a few tries, so be patient!

     

  3. Selecting from the Boot Menu
    • Select CD-ROM Drive by using your down arrow.

     

  4. Using the Windows Reset Password Utility.
    • Just press enter at the "boot:" prompt.

     

  5. Selecting the Partition
    • The default partition will be already set to "1".
    • Just press enter.

     

  6. Do you wish to force it? y
    • Select "y" and press enter.

  7. Setting the path to the registry directory
    • Just Press Enter

     

  8. Setting the password reset registry.
    • Select 1, and press enter. 

     

  9. Edit User Data and Passwords
    • Select 1 and Press Enter

     

  10. Select User whose password you wish to blank out.
    • The default is usually "Administrator"
    • Just press Enter.

     

  11. Clear User Password
    • Select 1 and Press Enter
    • If successful, you will see the message "Password Cleared!"

     

  12. Selecting another user to clear their password
    • Select "!" and press enter.

     

  13. Clear the Instructor Account
    • Type "Instructor" and press Enter

     

  14. To clear the Instructor password
    • Select 1 and press Enter

     

  15. To Quit making changes
    • Type "!" and Press Enter
    • Type "q" and Press Enter
    • For Proof of Lab, press the PrtScn button and paste into a Word document.

     

  16. Saving your changes
    • To save your work, Type "y" and Press Enter
    • To escape out of the run, Type "n" and Press Enter
    • To fire up the Windows Operating System, Type "reboot" and Press Enter

 

Section 3: Logging in to Instructor VM after clearing passwords
  1. On the Instructor VM
    • Select from the menu: Virtual Machine Settings... --> Send Ctrl+Alt+Del

     

  2. Log in as Instructor or Administrator
    • Leave Password Blank

     

  3. Reset your Instructor Password
    • Select Start --> Control Panel

     

  4. Select Administrative Tools

     

  5. Select Computer Management

     

  6. Under Local Users and Groups, click on Users.

     

  7. Right-click on Administrator, then click on Set Password.
    • Click on Proceed.

     

  8. Reset the Instructor password to the class standard password or, if you are not in my class, to whatever you like.

     

  9. Repeat this procedure for any passwords you cleared earlier.

 

Proof of Lab
  1. Do a screen print of Section 2, Step 15.
  2. Paste it into a Word document.
  3. Submit to Moodle.