Monday, May 25, 2009

Password Reset for user accounts in Windows Vista



I have been inactive in blogging for quite some time. I really wanted to share this a few weeks ago, but the blogging mood was not there yet. Finally it is here today... :P



Have you ever been stuck on the Ctrl+Alt+Del screen, trying hard to figure out the password for your account? Many people in this world forget the password for their own computer (whether accidentally or on purpose), especially the administrator password, which they don't even know when and why they should use. If you've been in this situation, you know how painful it is to crack a password you set up yourself. In fact, there are a bunch of tools on the internet that show you how to break into your own system. However, often enough these tools come with a price. Fortunately, Microsoft is getting "smarter": they introduced a great tool which comes automatically with every Windows Vista (with or without SP1), Server 2008 (with or without R2) or even Seven (at least in RTM) - the "Ease of Access" button. In my opinion, this time they really meant it - hard. Why? Read this to refresh your memory.


Now there is another way which is much simpler: no administrator account/password required, no ownership hassle, no UAC, and a straightforward backdoor creation process. The magic lies in the Windows installation DVD itself (WinPE is an alternative). Before that, please ensure that your computer is capable of booting from your DVD drive (just to be sure :P) and is set to boot from DVD-ROM. The steps below might vary if you are booting from WinPE.

1. Place the DVD into your optical drive.

2. Boot from the DVD by pressing any key when prompted.


3. Wait and wait for the DVD to boot.


4. When it reaches the installation screen, click "Next" even though you installed Windows N years ago.


5. Select the last option which is "Repair your computer".


6. Choose the first option when System Recovery Options is prompted.


7. Choose "Command Prompt" from the list of options available.


8. There you get your beloved command prompt with full administrator privilege. Navigate to your system32 folder. You might be asking why I don't just launch "Compmgmt.msc" directly here and reset the password. In fact, I've tried that. However, the MMC just refuses to start. Hence, move on.....


9. Using the same target, "Magnify.exe", make a backup of the original copy beforehand (in case one day you start to regret having the door open at all times, you can easily revert). To do this, simply rename the original "Magnify.exe" to "Magnify.bak". - ren Magnify.exe Magnify.bak


10. Make a copy of the command prompt and name it "Magnify.exe" so that it takes the role of the original "Magnify.exe". - copy cmd.exe Magnify.exe


11. Do a final check; OK, it's there. Close everything you can see and reboot your computer.


12. This time, just boot straight into Windows.


13. When your computer is ready, click on the "Ease of Access" button and say "Hell yea, I am accessing this computer with ease".


14. Enable the magnifier option and click OK. Voilà... the powerful command prompt is there.



15. By this step, I'm sure most of you know what to do next. For those who still have no idea, here is where the magic begins. Open the Computer Management console from the command prompt. - compmgmt.msc


16. Just follow the usual password reset routine: expand the tree on the left, expand "Local Users and Groups", click on "Users", select the user whose password you want to reset, right-click on it and select "Set Password".


17. Click "Proceed" if prompted, and proceed to reset the password.


18. Click on "Ok" and you're done.


Disclaimer: Try at your own risk; I hold no responsibility for any damage you bring upon yourself. Good for solving your "forgot password" issue and bad for the rest. Thanks.
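
For anyone who has to check whether a machine still carries the swap from steps 9 and 10, here is a small audit script. It is an added example, not part of the original post: it looks for a "Magnify.exe" that is byte-for-byte identical to "cmd.exe" and for a leftover "Magnify.bak". The function names and the sample folder contents are assumptions made for illustration; the folder can be a live System32 or one from a mounted offline image.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def find_ci(directory, name):
    """Case-insensitive lookup: an offline image may sit on a case-sensitive mount."""
    for p in Path(directory).iterdir():
        if p.is_file() and p.name.lower() == name.lower():
            return p
    return None


def check_magnifier(system32, tool="Magnify.exe", shell="cmd.exe"):
    """Return findings that match the swap described in steps 9 and 10."""
    findings = []
    tool_p = find_ci(system32, tool)
    shell_p = find_ci(system32, shell)
    backup_p = find_ci(system32, Path(tool).stem + ".bak")
    if tool_p is None:
        findings.append(f"{tool} is missing")
    elif shell_p is not None and sha256(tool_p) == sha256(shell_p):
        findings.append(f"{tool_p.name} is a byte-for-byte copy of {shell_p.name}")
    if backup_p is not None:
        findings.append(f"{backup_p.name} found: the original was renamed aside")
    return findings


def demo():
    """Run the check on a constructed folder standing in for a swapped System32."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "cmd.exe").write_bytes(b"constructed shell bytes")
        (d / "Magnify.bak").write_bytes(b"constructed magnifier bytes")
        (d / "Magnify.exe").write_bytes(b"constructed shell bytes")
        return check_magnifier(d)


if __name__ == "__main__":
    for finding in demo():
        print("FINDING:", finding)
```

An empty result only means this exact swap is absent; a hash comparison against "cmd.exe" will not flag a different program placed under the same name.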