Shulou(Shulou.com)06/02 Report--

Summary of common operating system password recovery methods

Catalogue

Chapter one, preface. three

Chapter II tools.. three

Chapter III recovery methods and steps.. three

3.1. Win7 system password recovery.. three

3.1.1. Method one.. three

3.1.2. Method two.. eleven

3.1.3. Method three.. twenty

3.2. Window2008R2 system password recovery.. twenty

3.3. XP system password recovery.. twenty

3.4. Window2003 system password recovery.. twenty

3.5. Redhat 7.0pm 7.1 system password recovery.. twenty

3.6. Centos6.4 system password recovery.. twenty-five

3.7. Ubuntu 14 system password recovery.. twenty-nine

3.8. SuSE Linux11 system password recovery.. thirty-one

3.9. CVK password recovery.. thirty-three

3.9.1. Method one.. thirty-three

3.9.2. Method one.. thirty-three

3.10. CVM password recovery.. thirty-three

3.11. CIC password recovery.. thirty-four

Chapter one preface

Because individuals are engaged in network and system integration related work, they often encounter the situation of forgetting system passwords such as computers, mainly because there are many servers, long-term non-login or changes in management personnel lead to the loss of system passwords, and so on. therefore, the system password cracking and recovery process of a variety of common operating systems are simply sorted out for your reference and study.

Chapter II tools

If it is a window system, you will use the image file to install the system or the startup files of a third party, such as Chinese cabbage, old peach and so on. If the virtual machine is installed with an operating system such as linux, no other tools are needed.

Note:

Several clock development tools for operating systems and office software can be downloaded from the "I tell you" website at https://msdn.itellyou.cn/".

Chapter III recovery methods and steps password recovery of 3.1.win7 system

There are many password recovery methods in win7 system, and there are three common ones:

3.1.1. Method one

Clear the password through the third-party window password removal tool, such as the common peach, Chinese cabbage and other PE tools with the system password removal tool to clear the system password.

Note:

In the Huasan virtual environment, the PE system has a very large delay in keyboard input recognition. If you need to enter the corresponding serial number to choose, please wait for more than ten seconds or hit the keyboard wildly.

(1) download PE software such as peach and Chinese cabbage to make a PE boot disk (the flash drive will be formatted during the PE boot disk making process, so please back up the data in the flash drive in advance).

(2) restart the system, choose to boot from the flash drive (the shortcut keys of the startup menu of the machine that are not available are different, see figure 1), select the ninth item, "run window login password cracking menu", and click enter to enter the password cracking menu.

Figure 1

Note:

In this step, you can also enter the PE desktop environment through items 2 and 3, and there is a graphical system password clearing tool in the PE desktop environment (provided that you can identify the system disk after entering it, that is, you can see the system disk in "my computer" on the PE desktop).

(3) in the password cracking menu, select the first "clear windows login password (change password)" menu and enter

Note:

In this step, you can also bypass the password to enter the Windows7 system through item 2, and then reset the password. By testing the win7 system through item 2, restart the system after bypassing the password, you will enter the interface of entering the password. You can enter the system without entering the password directly, and then reset the user's password. However, after window2008R2 enters the system by bypassing the password through item 2, it is always prompted that the password is wrong, and it is impossible to create a new password.

(4) in the Windows password clearing menu, type "1" on the keyboard to select the first item "Select the partition where the window system resides" and enter (this step is so delayed that it may take several minutes or even more than ten minutes to recognize the entered "1").

Note:

In this step, you can also automatically search the SAM file that stores the user name and password of the system through item 2, but the scanning time will be relatively long, ranging from a few minutes to half an hour.

(5) the disk of the virtual machine can be seen in this interface, but the disk letter is not displayed. If you know the size of the system disk, you can judge which disk is the system disk according to the size. If you do not know the size of the system disk, you can judge it by experience. Generally, the win7 system disk will be about 50-100g, enter the disk serial number through the keyboard and enter enter.

(6) the system will automatically scan the disk selected in the previous step, identify the file SAM that stores the system password on the disk, and crack the user name on the file by entering the enter key.

(7) by cracking the SAM file, you can see the list of users who have been identified on the file, and type "0" on the keyboard to crack and delete the password of the super administrator account with serial number 0.

(8) the system will automatically select "clear this user's password", click "Y" on the keyboard to save and return to the higher level menu (password has been cleared), and then press the Esc key to return to the fourth step, select the first item "boot from local disk", the system will automatically enter the previous window7, if you cannot enter the window7 desktop, you still need to enter the password and click enter to enter the desktop environment.

3.1.2. Method two

By using the system image file to repair the system, replace the Magnify.exe sequence of the system magnifying lens with the CMD.exe program, and then normally boot to the user name and password interface by using the magnifying glass (at this time the magnifying glass program has been replaced with cmd) to enter cmd, and use the command line to change the user password.

The principle of this method is that after booting the system, the system will run the magnifying glass program before entering the password authentication. Under the easy access icon at the lower left of the interface, when repairing the system through the operating system image file, the cmd program in the image file in the optical drive will be loaded (the cmd in the optical drive cannot change the system user password, but the file path can be changed). So we move the system cmd program to the magnifying glass path, so that we can call the CMD under the magnifying glass path by clicking "magnifying glass" in "easy access" before entering the password in the magnifying glass path (this cmd is the system's own, not the mirror file in the optical drive), and use cmd to reset the system password.

Step 1:

Boot the system, enter any key in the boot interface, boot from the boot disk, then press F8 and select "Enable Boot Logging", and the system will reload the system files.

Note:

When opening the virtual machine console, be sure to quickly click the connection, and then press the confirm button, otherwise this step will be skipped quickly and start as a local hard disk.

(2) step 2:

Click "next" and select "repair computer"

(3) step 3:

Select the first repair system and the next step.

(4) step 4:

Select the Command prompt to open the cmd program for mirrored files in the CD-ROM drive.

(5) step 5:

Since the original system drive letter is not necessarily C at this time, we need to pass it in CDEFG. Look for the system file path window and system32 under that disk, and determine which drive letter the system disk is.

First of all, enter the C disk through the "c:" command, and then display the files under the C disk through the "dir" command. If there are folders such as window and system32 in the files under the c disk, it means that disk c is the system disk. If there are no window and system32 folders under disk c, it means that disk c is not the system. At this time, continue to test the drive letter such as DEF through the above two commands until the system drive letter is determined.

(6) step 6:

After determining the system drive letter (adding the D disk), enter the path where the system program (magnifying glass and cmd) is stored through "cd windows\ system32", rename the magnifying glass program through "rename Magnify.exe Mangify.bak" (so that the system can not find this program), and then use "rename Magnify.exe Mangify.bak" to rename the cmd program to the magnifying glass program (the system calls magnifying glass actually calls cmd).

(7) step 7:

Modify the virtual machine boot device, restore the boot options, and restart the virtual machine. After restarting, the system will boot normally from the local hard disk to the following interface

(8) step 8:

At this point, we have renamed the cmd command to the magnifying glass program, so click "easy access" and "magnifying glass" will bring up the system's cmd command window. In the cmd command window, by executing "c:\ Windows\ system32 > explorer" and "c:\ Windows\ system32 > net user administrator password01!" Reset the password of the system user "administrator" and use the password "password01!" that you just reset. You can log in to the system.

Note:

You can also use the PE tool to enter the PE desktop environment and replace the cmd and magnifying glass programs under the windows/system32 path.

3.1.3. Method three

The user name and password of the Windows system are stored in the SAM file under the C:\ Windows\ System32\ config path, so you can use the PE tool in method 1 to enter the path, cut or delete the file, and then restart the system without entering the password, or use the cmd of the image file in method 2 to rename or delete the SAM file when repairing the system.

Note:

This operation has only been successfully tested under win7 and window2008R2. Deleting SAM files under XP and window2003 will lead to unstable collapse of the system, and the operation is risky, so you should be careful to delete it.

Password recovery of 3.2.window2008R2 system

The system password recovery method of window2008R2 is similar to that of win7, please refer to Section 3.1

Password recovery of 3.3.XP system

The password recovery method of XP system is similar to that of method 1 and method 2 of win7 system. Please refer to sections 3.1.1 and 3.1.2 of win7 system password recovery method.

Password recovery of 3.4.window2003 system

The password recovery method of window2003 system is similar to that of method 1 and method 2 of win7 system. Please refer to sections 3.1.1 and 3.1.2 of win7 system password recovery method.

3.5.Redhat 7.0Universe 7.1 system password recovery (1) step 1:

Start the system and press any key to interrupt the countdown before loading the startup menu countdown

(2) step 2:

Press the keyboard "e" key to edit the current entry, use the arrow key to move the cursor to the line at the beginning of "linux16", use the keyboard "End" key to move the cursor to the end of the line, and add rd.break at the end of the line, and press the "Ctrl+X" key to continue to start the system using the modified configuration.

Note:

The arrow key ↓ in figure 1 indicates that the content has not been displayed, and you can use the arrow key ↓ to continue browsing; in figure 2, the end of the linux16 line is UTF-8, and the end of the first two lines\ indicates an unfinished line, a newline character, but one line, not multiple lines; the _ after the figure 3rd.break is the cursor, not an underscore

Figure 1

Figure 2

Figure 3

(3) step 3:

Remount the / sysrootw file as read and write, and then use chroot to enter the chroot storage location in / sysroot

(4) step 4:

Use the "echo NewPassword | passwd-- stdin root" command to reset the password of the system administrator account root to "NewPassword"

(5) step 5:

Configure the system to automatically perform full SELinux relabeling after startup

(6) step 6:

Execute "exit" twice to make the system continue to boot, and after startup, you can log in to the system using the password "NewPassword" that you just reset.

3.6.Centos6.4 system password recovery (1) step 1:

When the system starts up, press ESC to enter the list of system options, then we can see the current system information, and then press the e key (note: not enter)

(2) step 2:

Then we choose the second item-kernel, and then continue to press "e"

(3) step 3:

Enter single or 1 after rhgb quiet, and then enter enter

(4) step 4:

Then enter, return to the interface, and then press b to reboot the system

(5) step 5:

After startup, we found that there was no need to enter the account and password to enter the system directly.

(6) step 6:

After entering, we can change the password according to passwd root.

3.7.Ubuntu 14 system password recovery (1) step 1:

Power on, enter the system interface, select the second option, and then press "e"

(2) step 2:

Press the down arrow key, find the line containing recovery, change recovery nomodeset to single init=/bin/bash, and press F10 to reboot into shell immediately.

(3) step 3:

The system has entered the root user, but we have not entered the password

(4) step 4:

After entering, we can change the password according to passwd root (same as Centos6.4)

3.8.SuSE Linux11 system password recovery (1) step 1:

As shown in the following figure, after grub boots, select the first boot option and enter init=/bin/bash at Boot Option to pass the init=/bin/bash parameter to the kernel. Then press enter.

(2) step 2:

As shown in the following figure, the system boots into single-user mode.

(3) step 3:

Since the file system defaults to read-only mode in single-user mode, we need to execute the "mount-n /-o remount,rw" command to change the file system to read-write mode.

(4) step 4:

Execute the "passwd root" command to change the root user's password, and you can change the root user's password by entering the same password twice in a row. The password we entered is the new password for the operating system root user.

(5) step 5:

Execute the "mount-n /-o remount,ro" command to change the file system to read-only, and execute the "reboot" command to restart the operating system.

To download the original article, please visit Baidu Library: https://wenku.baidu.com/view/fe40407ebdd126fff705cc1755270722182e597a

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.