Unutulan XP Oturum Açma Şifresini Kırmak…
Nisan 11, 2006
Eğer Windows admin şifresi konulmamışsa bilgisayarınız açılırken F8 tuşuna basarak güvenli kipte başlatınız. Buradan Admin hesabından girip yeni bir kullanıcı oluşturarak giriş yapabilirsiniz.
Eğer Admin şifresi warsa aşağıdakileri uygulamanız gerekmektedir…Windows altından yapmak bir dünya zaman alıyor. MS-Dosdan Kırılması için Yapılması gerekenler şunlardır:
1-bd050303.zip programını yükleyin.
http://home.eunet.no/~pnordahl/ntpasswd/bd050303.zip
2-install dosyasını çalıştırın
3-disket sürücüye formatlanmış bir disket yerleştirin
4-a: yazıp Enter a basın.
5-Bilgisayarı Bu disketle açın.
Karşınıza Msdos ortamında altdaki bölüm gelecektir.
1. DISK SELECT
Which disk contains your Windows system?
Step ONE: Select disk where the Windows installation is = = = = = = = = = = = = = = = = =
Disks isk /dev/ide/host0/bus0/target0/lun0/disc: 2147 MB, 2147483648 bytesNT partitions found: 1 : /dev/ide/host0/bus0/target0/lun0/part1 2043MB BootPlease select partition by number ora = show all partitions, d = automatically load new disk driversm = manually load new disk driversl = relist NTFS/FAT partitions,
q = quit 1 yazın ve Enter a basın
2. HOW TO MANUALLY LOAD DRIVERS
==== DISK DRIVER / SCSI DRIVER select ====
You may now insert or swap to the SCSI-drivers floppyPress enter when done: Found 1 floppy drivesFound only one floppy, using it..Selected floppy #0Mounting it..Floppy selection done..SCSI-drivers found on floppy:1 BusLogic.o.gz2 aic7xxx.o.gz3 sym53c8xx.o.gz[ ... ]SCSI driver selection: a – autoprobe for the driver (try all) s – swap driver floppy q – do not load more drivers or enter the number of the desired driverSCSI driver select: [q] SCSI driver select: [q] a[ BusLogic.o.gz ]Using /tmp/scsi/BusLogic.oPCI: Found IRQ 11 for device 00:10.0scsi0: *** BusLogic BT-958 Initialized Successfully ***scsi0 : BusLogic BT-958 Vendor: FooInc Model: MegaDiskFoo Rev: 1.0 Type: Direct-Access Attached scsi disk sda at scsi0, channel 0, id 0, lun 0SCSI device sda: 8388608 512-byte hdwr sectors (4295 MB)Partition check: /dev/scsi/host0/bus0/target0/lun0: p1Driver BusLogic.o.gz loaded and initialized.
Bu bölümde "a" yazıp Enter a basın
3. PATH AND FILE SELECT
Selected 1Mounting on /dev/ide/host0/bus0/target0/lun0/part1NTFS volume version 3.1.Filesystem is: NTFS .
Step TWO: Select PATH and registry files = = = = = = = = = = = = = = = = = = = = = = = =
What is the path to the registry directory? (relative to windows disk) [windows/system32/config] : -r——– 1 0 0 262144 Jan 12 18:01 SAM-r——– 1 0 0 262144 Jan 12 18:01 SECURITY-r——– 1 0 0 262144 Jan 12 18:01 default-r——– 1 0 0 8912896 Jan 12 18:01 software-r——– 1 0 0 2359296 Jan 12 18:01 systemdr-x—— 1 0 0 4096 Sep 8 11:37 systemprofile-r——– 1 0 0 262144 Sep 8 11:53 userdiffSelect which part of registry to load, use predefined choicesor list the files with space as delimiter1 – Password reset [sam system security]2 – RecoveryConsole parameters [software]q – quit – return to previous
Bu bölümde Windowsun kurulu olduğu partitionu seçeceğiz "1" yazıp Enter a basın
4. PASSWORD RESET
Step THREE: Password or registry edit = = = = = = = = = = = = = = = = = = = = = = = =
chntpw version 0.99.2 040105, (c) Petter N Hagen* SAM policy limits:Failed logins before lockout is: 0Minimum password length : 0Password history count : 0======== chntpw Main Interactive Menu ========Loaded hives: 1 – Edit user data and passwords 2 – Syskey status & change 3 – RecoveryConsole settings – - – 9 – Registry editor, now with full write support! q – Quit (you will be asked if there is something to save)What to do? [1] -> 1===== chntpw Edit User Info & Passwords ====RID: 01f4, Username: RID: 01f5, Username: , *disabled or locked*RID: 03e8, Username: , *disabled or locked*RID: 03eb, Username: , *disabled or locked*RID: 03ea, Username: , *disabled or locked*Select: ! – quit, . – list users, 0x – User with RID (hex)or simply enter the username to change: [Administrator]
Biz Administrator şifresini editleyeceğimizden burayı görünce hiçbirşey yapmadan Enter a basıyoruz.
Here you can enter the username you want to reset the password for. NOTE: It is case-sensitive, write it exact as listed (without the of course)
Or if the name uses some characters that cannot be displayed, enter it's ID number (RID), like this: 0×1f4 would select administrator.
RID : 0500 [01f4]Username: Administratorfullname: comment : Built-in account for administering the computer/domainhomedir : Account bits: 0×0210 =[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. | [ ] Temp. duplicate | [X] Normal account | [ ] NMS account | [ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act | [X] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0×08) | [ ] (unknown 0×10) | [ ] (unknown 0×20) | [ ] (unknown 0×40) | Failed login count: 0, while max tries is: 0Total login count: 3* = blank the password (This may work better than setting a new password!)Enter nothing to leave it unchangedPlease enter new password:
Buraya yeni Şifre girilecek örn:123456
Blanking password!
Do you really wish to change it? (y/n) [n] "y" yazıp Enter a basacağız
Changed!
Select: ! – quit, . – list users, 0x – User with RID (hex)
or simply enter the username to change: [Administrator] "!" yazılacak Enter a basacağız
! brings us back to the main menu here.
======== chntpw Main Interactive Menu ========Loaded hives: 1 – Edit user data and passwords 2 – Syskey status & change 3 – RecoveryConsole settings – - – 9 – Registry editor, now with full write support! q – Quit (you will be asked if there is something to save)What to do? [1] -> "q" yazıp Entera basacağız
5. WRITING OUT THE CHANGES
Everything has been done, time to commit the changes.
Hives that have changed: # Name 0 – OK.
Step FOUR: Writing back changes = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
About to write file(s) back! Do it? [n] :
"y" yazıp Entera basacağız
Writing samNOTE: A disk fixup will now be done.. it may take some timeMounting volume… OKProcessing of $MFT and $MFTMirr completed successfully.NTFS volume version is 3.1.Setting required flags on partition… OKGoing to empty the journal ($LogFile)… OKNTFS partition /dev/ide/host0/bus0/target0/lun0/part1 was processed successfully.NOTE: Windows will run a diskcheck (chkdsk) on next boot.NOTE: this is to ensure disk intergity after the changes***** EDIT COMPLETE *****You can try again if it somehow failed, or you selected wrongNew run? [n] :
SON olarak "n" yazıp Enter a basacağız ve disketi çıkartıp ctrl+alt+del tuşlarına basacağız.
Windows açılınca administrator gözükürse herzamanki gibi hesabın üzerine tıklayıp 123456 yazıp girin.
Hesap gözükmüyorsa, iki kez ctrl+alt+del _ ctrl+alt+del yapacağız. Karşımıza Kullanıcı adı parola ekranı çıkacak. Kullanıcı adına Administrator Parola=123456 Yazın ve Adminden giriş yaptınıs 
Entry Filed under: Windows Güvenlik. .
Trackback this post | Subscribe to the comments via RSS Feed