Skip to main content

How To Bypass Windows Password

Software used :- Offline NT Password and Registry Editor
1. The software can be downloaded from internet; 
2. Make live CD of the software and keep a USB drive ready if you want to recover the paasword..

Offline NT Password is a stripped -down version of linux with a menu-driven interface . By default, it steps you through the process of removing the Administrator password. If you choose to boot Offline NT password from CD, make sure that you first insert a USB thumb drive to to copy the SAM file to . This will make mounting it much easier.

First of all insert CD into drive and boot it.

 Offline NT Password runs in command-line mode. Once booted , it displays a menu-driven interface. In most cases, the default options will step you through mounting the primary drive and removing the Administrator account password, as described next.

Step one  The tool presents a list of drives and makes a guess as to which one contains the Windows operating system. It also detects inserted USB drives. This makes mounting them much easier, because if you insert one later, the tool often will not create the block device (/dev/sdb1) necessary to mount it. 
  In case, the boot device containing Windows is correctly identified by default so simply press ENTER to proceed.

Step Two Next the tool try to guess the location of SAM file. Now you can see that it is correctly identified as located in WINDOWS/system32/config.
  Again, the correct action is preselected from the menu by default. Before contining, however we want to copy the SAM file to the USB drive. Since Offline NT password is built on a simple Linux system, we can invoke another pseudo-terminal by pressing ALT+F2. This opens another shell with a command prompt. Mount the USB drive using the device name identified in step one.

 mount / dev/ sdb1 / mnt

Next copy the SAM and SECURITY files to USB drive. Offline NT Password mounts the boot disk in the directory /disk.

 cp / drive / WINDOWS /system32/ config/ SAM /mnt
 cp/ drive / WINDOWS / system32/ config/ SECURITY/ mnt

          Make sure you perform a directory listing of your USB drive to confirm you've copied the files correctly.
          Now return to the menu on pseudo-terminal one by pressing ALT+F1 , and then press ENTER to accept the default location of the SAM file.

Step Three  The tool will now look the SAM file and list the accounts. It will then give you the option to remove or replace the selected account password. By default, the Administrator account will be selected.

     Once selected, the default option is to simply remove the password, as shown next. Although there is an option to reset the password to one of your own choosing, this is not recommended because you risk computing the SAM file . Press ENTER to accept the default.

Step Four  Once the password is successfully removed from the SAM file, it must be written back to the file system. The default option will do this and report success or failure, so press ENTER.

          With the SAM file successfully written back to the file system, simply press ENTER for the default option to not try again , and the menu will exit. Remove the CD and reboot the system. You will now be able to log in as the local Administrator with no password.

NOTE: This is for educational purpose only we are not responsible for any type of inconvenience caused by reader.


  1. Nice one buddy. But instead of bypass by this process if we get all users password (using ophcrack) then it will much help full.

  2. This one is easiest for those who are primer in hacking ... I will soon post how to use ophcrack and trinity rescue kit..


Post a Comment

Popular posts from this blog

Social Engineering Toolkit (SET)

Social Engineering Toolkit  (SET) is an advanced,  multifunctional, and easy-to-use computer-assisted social engineering toolset, created by the founders of  TrustedSec ( It helps you prepare the most effective way to exploit client-side application vulnerabilities and makes a fascinating attempt to capture the target's confidential information (for example, e-mail passwords). Some of the most efficient and useful attack methods employed by SET include targeted phishing e-mails with a malicious file attachment, Java applet attacks, browser-based exploitation, gathering website credentials, creating infectious portable media (USB/ DVD/CD), mass-mailer attacks, and other similar multiattack web vectors. This combination of attack methods provides you with a powerful platform to utilize and select the most persuasive technique that could perform an advanced attack against the human element.

 To start SET, navigate to  Applications  |  Kali Linux  |  Expl…

Cracking Wifi Using :Fern(GUI)


As a part of Kali linux , fern can be directly used from kali linux , i would be recommending the use of kali because while using other linux environments it could be a trouble because while using fern it automatically detects the path of aircrack-ng and python installed , while in other environments it is needed to set it follow the following steps :-->

1.) Download kali linux iso and make a bootable pendrive .....if you dont know how to make bootable pendrive  then follow the steps given in blog of trinity rescue kit

Kali linux iso (amd64) recommended -->here
Link to trinity rescue kit blog --> here

 2.)Open Kali linux Goto Applications-->Wireless Attack--> Fern

3.)Select Interface card wlan0

4.)Double click any where in GUI

5.)Select enable x-terms that you can view that happening ...while through a automated program...

6.)Click on select network

7.)Choose the type of network that is WEP/WPA

8.)I would recommend to add dictonary file .…

Deep Web - Part 1

What is deep web ?

Deep web Aka Invisible web Aka Hidden web are parts of the world wide web whose contents are not indexed by standard search engines.
The surface web also known as Visible web , Clearnet , Indexed web or Lightnet is that portion of the world wide web that is readily available to the general public and searchable with standard web search engines. Level of web where vast majority of internet users are connected to and which is accessible in any nation that does not block internet access.E.g: Social media sites like Facebook, informational websites like Wikipedia, general websites, etc


It is the part of world wide web that is not indexed by search-engines,which is directly accessible and no proxy required. E.g: Google locked results, recently web crawled old content, pirated media, pornography etc
Deep web Aka Invisible web Aka Hidden web are parts of the wo…