今天遇到一件囧事,长时间不进Windows环境结果把自己设置的密码给忘记了,于是便发了一条微博。热心朋友一大堆,给我推荐各种各样的方法,自己也到网上搜了一搜,原来在Linux下去除Windows的密码是那么简单。方法步骤如下: 一、安装工具chntpw 这个工具应该在各大发行版的官源里都存在(Linux对Windows的安全环境考虑真是没得说。==!)。直接用你的发行版里最常用的安装方式安装即可。 比如Archlinux– sudo pacman -S chntpw 二、使用工具 挂载windows系统分区盘,进入到 windows/system32/config中,就地打开终端,运行如下命令: sudo chntpw SAM
会得到如下提示: chntpw version 0.99.6 110511 , (c) Petter N Hagen
Hive name (from header):
ROOT KEY at offset: 0×001020 * Subkey indexing type is: 666c
File size 262144 [40000] bytes, containing 5 pages (+ 1 headerpage)
Used for data: 233/17736 blocks/bytes, unused: 16/2584 blocks/bytes.
* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length : 0
Password history count : 0
| RID -|———- Username ————| Admin? |- Lock? –|
| 01f4 | Administrator | ADMIN | *BLANK* |
| 01f5 | Guest | | dis/lock | ———————> SYSKEY CHECK <———————–
SYSTEM SecureBoot : -1 -> Not Set (not installed, good!)
SAM AccountF : 0 -> off
SECURITY PolSecretEncryptionKey: -1 -> Not Set (OK if this is NT4)
Syskey not installed! RID : 0500 [01f4]
Username: Administrator
fullname:
comment : �:()n�7
homedir : User is member of 1 groups:
00000220 = Administrators (which has 1 members) Account bits: 0×0210 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[X] Pwd don’t expir | [ ] Auto lockout | [ ] (unknown 0×08) |
[ ] (unknown 0×10) | [ ] (unknown 0×20) | [ ] (unknown 0×40) | Failed login count: 0, while max tries is: 0
Total login count: 81
** No NT MD4 hash found. This user probably has a BLANK password!
** No LANMAN hash found either. Sorry, cannot change. Try login with no password! - – - – User Edit Menu:
1 – Clear (blank) user password
2 – Edit (set new) user password (careful with this on XP or Vista)
3 – Promote user (make user an administrator)
(4 – Unlock and enable user account) [seems unlocked already]
q – Quit editing user, back to user select
Select: [q] >
很显然,选1清除密码;选2重设密码;选3不知不觉提升用户权限,哈哈;选4启用或者关闭某个用户。我果然选1,重启进入Windows一路无阻! 来自Cloudpen | 
