26Nov/150

How to reset root/Administrator password in Linux/Windows

First of all, please read the following important instructions about this tutorial:
Please note, during this tutorial you are going to advance deeply into your operating system, so we kindly ask you to be careful while running these commands. Furthermore, we ask for your understanding, that Contabo is not be liable for damages or data loss of your operating system.

Please be also informed, that this tutorial is not working on Dedicated Servers along with Windows operating system without a KVM over IP device. We kindly ask you to open a ticket at support@contabo.com if we should assist you.

This tutorial offers the opportunity to reset the system password for the "root" and "Administrator" users, so you should be able to logon to your server again in case you have lost or forgotten the password.

Please just go to your Customer Control Panel for performing a reboot of your VPS / Dedicated Server into the rescue mode. Therefore, you have to navigate to the "Your services" menu, followed by "Manage" -> "rescue mode".

(The login credentials of your customer control panel have been sent in our initial e-mail to your authorized e-mail address)

Kundenlogin2

Password reset for Linux:

1. List system partitions:

root@sysresccd /root % fdisk -l
....
Device     Boot     Start         End      Blocks   Id  System
/dev/sda1  *         2048   961146879   480572416   83  Linux
/dev/sda2       961146880   976771071     7812096   82  Linux swap / Solaris
....

2. Mount system partitions:

root@sysresccd /root % mkdir /mnt/sda1
root@sysresccd /root % mount /dev/sda1 /mnt/sda1

3. Now you can change to the mounted environment:

root@sysresccd /root % chroot /mnt/sda1 /bin/bash

4. Reset the root password:

root@sysresccd:/# passwd root
Enter new UNIX password: <new password>
Retype new UNIX password: <new password>
passwd: password updated successfully

5. The root password has been changed, please exit the rescue mode and reboot your server back to the operating system:

root@sysresccd:/# exit
exit
root@sysresccd /root % exitrescue
Server was set to boot from normal harddisk at the next boot!
Please enter "reboot" to reboot the system!
root@sysresccd /root % reboot

Now you should be able to login using the new password.

 

Password reset for Windows:

1. List system partitions:

root@sysresccd /root % fdisk -l
....
Device     Boot  Start       End   Sectors   Size Id Type
/dev/vda1  *      2048    718847    716800   350M 27 Hidden NTFS WinRE
/dev/vda2       718848 629143551 628424704 299.7G  7 HPFS/NTFS/exFAT
....

2. Mount system partitions:

root@sysresccd /root % mkdir /mnt/vda2
root@sysresccd /root % ntfs-3g /dev/vda2 /mnt/vda2

Please note: If now an error message appears, please enter the following command before you are going to mount the system partition:

root@sysresccd /root % ntfsfix /dev/vda2

Mounting volume... OK
Processing of $MFT and $MFTMirr completed successfully.
Checking the alternate boot sector... OK
NTFS volume version is 3.1.
NTFS partition /dev/vda2 was processed successfully.

3. Now you can change to the system directory:

root@sysresccd /root % cd /mnt/vda2/Windows/System32/config

4. Print all system users:

root@sysresccd /root/mnt/vda2/Windows/System32/config % chntpw -l SAM

chntpw version 1.00 140201, (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)
Used for data: 302/27480 blocks/bytes, unused: 28/5032 blocks/bytes.

| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator                  | ADMIN  |          |
| 01f5 | Guest                          |        | dis/lock |

5. Reset the Administrator password:

root@sysresccd /root/mnt/vda2/Windows/System32/config % chntpw SAM -u Administrator

chntpw version 1.00 140201, (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)
Used for data: 302/27504 blocks/bytes, unused: 28/5008 blocks/bytes.

================= USER EDIT ====================

RID     : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :

00000220 = Administrators (which has 1 members)

Account bits: 0x0010 =
[ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     |
[ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   |
[ ] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  |
[ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  |

Failed login count: 0, while max tries is: 0
Total  login count: 82

- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > 1

Password cleared!
================= USER EDIT ====================

RID     : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :

00000220 = Administrators (which has 1 members)

Account bits: 0x0010 =
[ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     |
[ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   |
[ ] Pwd don't expir | [ ] Auto lockout    | [ ] (unknown 0x08)  |
[ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  |

Failed login count: 0, while max tries is: 0
Total  login count: 82
** No NT MD4 hash found. This user probably has a BLANK password!
** No LANMAN hash found either. Try login with no password!

- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > q

Hives that have changed:
#  Name
0  <SAM>
Write hive files? (y/n) [n] : y
0  <SAM> - OK

6. The Administrator password has been changed, you can check this as follows:

root@sysresccd /root/mnt/vda2/Windows/System32/config % chntpw -i SAM

===== chntpw Edit User Info & Passwords ====

| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator                  | ADMIN  | *BLANK*  |
| 01f5 | Guest                          |        | dis/lock |

Please enter user number (RID) or 0 to exit: [1f4] 0

Please note: The *BLANK* entry indicates, that currently no Administrator password is set!

7. Exit the rescue mode and reboot your server back to the operating system:

root@sysresccd /root % exitrescue
Server was set to boot from normal harddisk at the next boot!
Please enter "reboot" to reboot the system!
root@sysresccd /root % reboot

8. Last of all, you can login to your server via VNC without password for setting a new password. Therefore, please choose one of the following options:

(The login credentials of your VNC access have been sent in our initial e-mail to your authorized e-mail address)

1st option:

Control panel > User accounts > User accounts > Manage accounts > Change account > Create password

Windows-PW setzen (klein)

2nd option:

Please open the command prompt on the desktop and enter the following command:

C:\Users\Administrator> net user Administrator <password>

Screenshot EN

A new password has been created, it is valid for the "Administrator" user account from now on.

Posted by: Benjamin | Tagged as: , , , , , No Comments
4Jun/120

Secure Password Selection

I would like to take this opportunity to inform you about a very important matter regarding your dealing with/in the world wide web.

The importance of picking a good, secure password can't be emphasized enough.
Your password is the way the computer verifies that someone logging in is really you, so pick something that cannot be guessed by others. The top reasons people gain unauthorized accesses to a password protected system is: They guessed someone's password. (often because they found it on a piece of paper next to the victim's computer or because they saw the person type the password in, but also because they use software programs that are VERY good at guessing common passwords.)

What happens to people who choose weak passwords
If someone else obtains your passwords, they may start to use your account to see your private data, including email, your bank accounts etc. They could start to alter or destroy your files or they could take over your computer; and they might even perform illegal activities in your name -- in such cases, it is difficult to find out who the culprit is and you might get under suspicion.

The basics
The following guidelines will guard against someone finding out your password and using your account illegally:
1. Make your password as long as possible. The longer it is, the more difficult it will be to attack the password with a brute-force search. Always use at least 6 characters in your password, at least two of which are numeric.
2. Use as many different characters as possible when forming your password. Use numbers, punctuation characters and, when possible, mixed upper and lower-case letters.
3. Do not use personal information in your password that someone else is likely to be able to figure out. Obviously, things like your name, phone number, and address are to be avoided. Even names of acquaintances and the like should not be used.
4. Do not use words, geographical names, or biographical names that are listed in standard dictionaries. Your password might be hacked by a so called “dictionary attack”*.
5. Never use a password that is the same as your account number.
6. Do not use passwords that are easy to spot while you're typing them in. Passwords like 12345, qwerty (i.e., all keys right next to each other), or nnnnnn should be avoided.

So be aware of these points and choose either on your own a secure password or use a password generator that you easily find in google by the keyword “password generator”.

This is how a secure password might look like:
4(&V_x5%K?=mK3D

*Dictionary attack:
Wikipedia defines: A dictionary attack uses a targeted technique of successively trying all the words in an exhaustive list called a dictionary (from a pre-arranged list of values). In contrast with a brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words for example a dictionary (hence the phrase dictionary attack) or a bible etc. Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries or simple, easily predicted variations on words, such as appending a digit. However these are easy to defeat. Adding a single random character in the middle can make dictionary attacks untenable.

Posted by: Katharina | Tagged as: , , No Comments