Kali Linux Reset Windows 11 Password

3 views
Skip to first unread message
Message has been deleted

Niki Wienberg

unread,
Jul 15, 2024, 6:47:00 AM7/15/24
to glenucosan

In new Windows versions, users can install and run multiple GNU/Linux distributions. One can configure the default distribution (i.e. the distribution that comes up with wsl.exe) with wslconfig /s command. e.g. To open Kali with wsl.exe at first run, use this command wslconfig /s kali-linux or run kali.exe.

kali linux reset windows 11 password


Descargar ->->->-> https://lpoms.com/2yOR1h



First of all, I don't know if this procedure is safe or not. At the time of writing, WSL manages the default login user from DefaultUID registry (this may change in future). Close any opened WSL instance. To edit this registry value, open Registry Editor or regedit.exe from start menu or run dialog box. Go to this registry path or type this path with Ctrl + L in that Window:

Open wsl.exe in command prompt. The prompt changes from $ to # (means root user). Run passwd command in Kali, change root password as usual. Now go back to previous registry key, change Zero to previous value (or 3e8 in hex). Here is an example of the registry values:

The following method was not available when the question was originally asked (or when the previous answers were written), but the wsl command now can handle this far easier (and more safely) than the old methods.

Side-note: The -e passwd tells WSL to run the passwd command directly, without invoking a shell. This is good for situations where you may not be able to access the default shell for one reason or another.

This is my first article on here, it's based off of a project that I'm working on at school which is on three ways to bypass windows user password's. If all goes as planned and you all would like I'll work on part two and part three and post them as soon as I can. I do have to give credit to Puppy Monkey Baby and The Defalt, both of whom are my classmates at college and have helped me with writing this article.

In Part 1 we will focus on using Kali Linux or Parrotsec to remove the password of a specific user in the SAM file. We will need a bootable usb with your choice of operating system so that we can boot directly into Kali/Parrotsec. Once we have booted into our flavor of linux, we need to mount the local hard drive. We must mount before we can have access to the hard drive or it will not show up. To mount simply click on Places > Home > "Primary Hard Disk"(This name will vary with each computer.)

After we have accomplished this the next step is to open up a terminal. At this point we need to change directory using the cd command, to root. Now all we need to do is navigate to the place on the hard drive that contains the password information. Navigating to the location can get tricky for new users. The ls command is incredibly helpful with finding out what files and folders are located in the directory that we are currently in. Once we navigate to the config folder your location should look something like the image below. (Once again the name of the hard drive you are accessing will vary by system.)

Our next act will be to use the chntpw -l SAM command without the brackets. What this command does is it lists the users and the corresponding permissions level. The very important part that we need to be aware of is the RID. The RID is what we will be using to specify which user account that we are going to modify.

When we are sure of which user account that we want to modify we use the chntpw -u 0x03ec SAM command. It is very important that we put the 0x before the 03ec because if it's not there the command will not be recognized.

As shown above we want to choose the 1 option to remove the password. After that it will ask if we want to write to hive files. Type y otherwise all the work we have done will go out the window and we will have to re-execute the commands. Once this is done then reboot and if everything was done correctly, the user we chose should not have a password. If it still does then unfortunately we will have to redo all of the steps above. At this point I have only done this on Windows 7, I will be trying all three methods on my windows 10 laptop and update with the results.

If we are working in an office as a tech there will inevitably be an occurrence of an end user forgetting a password. Now depending upon the organization that you are working for, there might be policies in place that allow for bypassing or disallow it altogether. Ethically we are bound by these policies. On the other hand lets say we are in class and feel like messing with a fellow classmate by changing their background or any other pranks (not that PMB nor I have any experience in this), these technique's will come in handy.

Just updated your iPhone? You'll find new features for Podcasts, News, Books, and TV, as well as important security improvements and fresh wallpapers. Find out what's new and changed on your iPhone with the iOS 17.5 update.

Sorry to ruin it for you but there us way easier ways that don't involve extra tools such as a USB with Kali or any other similar distros, and only requirea exploits in the windows 7 start-up repair. Plus it doesn't require having access to the bios. Happy Hacking! :)

That is actually the next way that I was planning on showing. This was just the first installment and one that I had complete today to post. I realised it wasn't in the title so I edited it. Thanks for the tip though!

Like Windows XP/7/8/8.1 passwords in Windows 10 are saved in SAM (Security Account Manager) file located in C:/Windows/system32/config. These password are encrypted with NTLMv2. This is how to dump the hashes and crack them using John password cracker tool:

Note: If you will not able to open this drive automatic use following command to fix error. This happen because Windows 10 does not shut down properly. By default it is going to sleep mode, So you will have to run following command.
#fdisk -l
this command is used to check the attached hardisk and its partition. its upto you how will you find the windows partition. if you will run following command with wrong partition, then no issue.
#ntfsfix /dev/sda2 (partition address)

The tool iSeePassword Windows Password Recovery Pro, is a professional password recovery tool that is meant to reset or unlock a computer password. It is available for many Windows operating systems including Windows 10,8, 7 and XP. You will need a USB flash drive. When compared to other methods mentioned above, this is the easiest way to recover a lost password. It works by listing all user accounts on your computer, select a user account, and click the password reset button. You can login to your Windows account after restarting.

Step 3: Insert the newly created USB drive to the locked Windows 10 computer. Set USB drive as the first boot device in BIOS setup. This computer will reboot. Then it will load the program, and detect all system and account on your computer, follow the interface to reset your Windows 10 password.

iSeePassword Windows Password Recovery Pro is easy to use and safe. With it,you can fast access to your windows if you forgot login password on Windows 10 without system re-installation.

There are a bunch of free(and open-source!) tools available.
On most linux distros you can install chntpw. There are a bunch of Live-booting Linux distros that have tools like these pre-installed for recovery or hacking purposes.

If you are setting up the customer PC, add a second local admin account for your use (with decent password, obviously). Then you can get in and use lusrmgr.msc to reset their passwords. This also works a treat on BitLocker encrypted drives.

I've been a Linux guy for over 20 years at this point, falling in love with Linux back in 2001. I briefly courted Red Hat and had an extended love affair with Gentoo, but I've since chosen Debian as my long-term Linux partner. If you're not a Linux aficionado, I would strongly recommend taking the time to learn it. In my small network environment, Linux is the backbone - running our public website, our Zabbix system monitoring, my Subversion code repositories, our time clock, our centralized logging and security server, and our MeshCentral server. That being said, the majority of my time is spent writing code for our internal project management application (C#, Visual Studio), administering our production database (SQL Server), and adminstering our internal Active Directory domain and Office 365/Exchange 365 environment. When I discovered Windows Subsystem for Linux (WSL), I decided to move back to Windows as my "daily driver" and I really feel that I have the best of both worlds. In this article, I'll provide a quick overview covering setting up Kali Linux in WSL and configuring a desktop environment.

First up, you'll want to make sure you have WSL installed, and you want to make sure you're using version 2 and not version 1 - see this Microsoft article for the differences between the versions along with a link to instructions on how to install WSL. After you have WSL installed, go to the Microsoft Store and search for the Kali Linux application and install from there.

After upgrading all available packages, we need to install the xrdp application to provide Remote Desktop Protocol (RDP) access to our desktop environment (as root): apt-get install xrdp. Then, we'll need to install a desktop environment. There are a number of built-in desktop metapackages to choose from:

I would recommend the kali-desktop-xfce package, as the Kali team has put together a very nice Xfce desktop environment. Plus, Xfce is very familiar to users coming from a Windows environment (tour Xfce v4 here): apt-get install kali-desktop-xfce. By installing the metapackage, you'll automatically get all the apps you need along with menu settings, wallpapers, etc.

Optional: for my WSL-based desktops, since I'm using xrdp to avoid conflicts with Windows' built-in RDP server, I always modify the port, starting from 3390 and going up from there. You can easily modify the listening port in the xrdp's configuration file - as root, open the file /etc/xrdp/xrdp.ini and look for the "Port" line. Change the value to whatever port number you prefer.

d3342ee215
Reply all
Reply to author
Forward
0 new messages