{"id":3343,"date":"2019-01-26T19:29:59","date_gmt":"2019-01-26T18:29:59","guid":{"rendered":"http:\/\/olivier.hoarau.org\/?p=3343"},"modified":"2019-01-26T19:30:06","modified_gmt":"2019-01-26T18:30:06","slug":"recuperez-un-mot-de-passe-windows-de-linux","status":"publish","type":"post","link":"https:\/\/olivier.hoarau.org\/?p=3343","title":{"rendered":"R\u00e9cup\u00e9rez un mot de passe windows de linux"},"content":{"rendered":"\n<p>Voulant r\u00e9installer <a href=\"http:\/\/olivier.hoarau.org\/?p=2982\">le launchpad Novation MK2<\/a> sur le <a href=\"http:\/\/olivier.hoarau.org\/?p=3336\">nouveau ThinkPad T440p <\/a>sous windows 7 professionnel pour ma fille,  je me suis rendu compte que j&rsquo;avais n\u00e9gligemment oubli\u00e9 le mot de passe d&rsquo;administrateur ! C&rsquo;est ballot, fort heureusement avec une partition sous linux, on peut faire pas mal de chose avec une commande qui s&rsquo;appelle <strong>chntpw<\/strong> c&rsquo;est \u00e0 dire \u00ab\u00a0change NT password\u00a0\u00bb tout un programme. A vrai dire c&rsquo;est valable avec n&rsquo;importe quel PC windows d\u00e8s lors que vous y avez acc\u00e8s physiquement et que vous pouvez acc\u00e9der au BIOS.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"474\" height=\"296\" src=\"https:\/\/i0.wp.com\/olivier.hoarau.org\/wp-content\/uploads\/novation-t440p-1024x639.jpg?resize=474%2C296\" alt=\"\" class=\"wp-image-3344\" srcset=\"https:\/\/i0.wp.com\/olivier.hoarau.org\/wp-content\/uploads\/novation-t440p.jpg?resize=1024%2C639&amp;ssl=1 1024w, https:\/\/i0.wp.com\/olivier.hoarau.org\/wp-content\/uploads\/novation-t440p.jpg?resize=300%2C187&amp;ssl=1 300w, https:\/\/i0.wp.com\/olivier.hoarau.org\/wp-content\/uploads\/novation-t440p.jpg?resize=768%2C479&amp;ssl=1 768w, https:\/\/i0.wp.com\/olivier.hoarau.org\/wp-content\/uploads\/novation-t440p.jpg?w=1500&amp;ssl=1 1500w, https:\/\/i0.wp.com\/olivier.hoarau.org\/wp-content\/uploads\/novation-t440p.jpg?w=948&amp;ssl=1 948w, https:\/\/i0.wp.com\/olivier.hoarau.org\/wp-content\/uploads\/novation-t440p.jpg?w=1422&amp;ssl=1 1422w\" sizes=\"auto, (max-width: 474px) 100vw, 474px\" \/><figcaption>Launchpad Novation MK2 et le ThinkPad T440p en mode linux<\/figcaption><\/figure>\n\n\n\n<p>Il suffit de rep\u00e9rer la partition windows, la monter si ce n&rsquo;est pas d\u00e9j\u00e0 fait et d&rsquo;aller dans le r\u00e9pertoire <strong>Windows\/System32\/config<\/strong>. De mon c\u00f4t\u00e9 j&rsquo;ai tap\u00e9 simplement en tant que root<\/p>\n\n\n\n<p><strong>cd \/media\/win_d\/Windows\/System32\/config<\/strong><\/p>\n\n\n\n<p>Ensuite on tape la commande <strong>chntpw -l  sam -i<\/strong> \u00e0 noter qu&rsquo;il faut que vous ayez un fichier <strong>sam<\/strong> dans le r\u00e9pertoire, sur d&rsquo;autres syst\u00e8mes ce fichier peut \u00eatre en majuscule. Voil\u00e0 le r\u00e9sultat :<\/p>\n\n\n\n<p><strong>chntpw version 1.00 140201, (c) Petter N Hagen<br> Hive  name (from header): &lt;\\SystemRoot\\System32\\Config\\SAM><br> ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <br> File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)<br> Used for data: 273\/87760 blocks\/bytes, unused: 18\/10288 blocks\/bytes.<\/strong><\/p>\n\n\n\n<p><strong>&lt;>========&lt;> chntpw Main Interactive Menu &lt;>========&lt;><\/strong><\/p>\n\n\n\n<p><strong>Loaded hives: <\/strong><\/p>\n\n\n\n<p><strong>1 &#8211; Edit user data and passwords<br>   2 &#8211; List groups<br>       &#8211; &#8211; &#8211;<br>   9 &#8211; Registry editor, now with full write support!<br>   q &#8211; Quit (you will be asked if there is something to save)<\/strong><\/p>\n\n\n\n<p><strong>What to do? [1] -><\/strong><\/p>\n\n\n\n<!--more-->\n\n\n\n<p>On tape 1 pour lister les utilisateurs et voil\u00e0 ce que \u00e7a donne<\/p>\n\n\n\n<p><strong>===== chntpw Edit User Info &amp; Passwords ====<\/strong><\/p>\n\n\n\n<p><strong>| RID -|&#8212;&#8212;&#8212;- Username &#8212;&#8212;&#8212;&#8212;| Admin? |- Lock? &#8211;|<br> | 01f4 | Administrator                  | ADMIN  | dis\/lock |<br> | 03e8 | Customer                       | ADMIN  | dis\/lock |<br> | 01f5 | Gast                           |        | dis\/lock |<br> | 03e9 | L\ufffdna                           |        | <\/strong><em><strong>BLANK<\/strong><\/em><strong>  |<br> | 03ea | Olivier                        |        | <\/strong><em><strong>BLANK<\/strong><\/em><strong>  |<\/strong><\/p>\n\n\n\n<p><strong>Please enter user number (RID) or 0 to exit: [3e8]<\/strong><\/p>\n\n\n\n<p>Pour l&rsquo;utilisateur Olivier on tapera<strong> 0x03ea <\/strong>et cela donnera<\/p>\n\n\n\n<p><strong>================= USER EDIT ====================<\/strong><\/p>\n\n\n\n<p><strong>RID     : 1002 [03ea]<br> Username: Olivier<br> fullname: Olivier<br> comment : <br> homedir : <\/strong><\/p>\n\n\n\n<p><strong>00000221 = Benutzer (which has 4 members)<\/strong><\/p>\n\n\n\n<p><strong>Account bits: 0x0210 =<br> [ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. | <br> [ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     | <br> [ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   | <br> [X] Pwd don&rsquo;t expir | [ ] Auto lockout    | [ ] (unknown 0x08)  | <br> [ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  | <\/strong><\/p>\n\n\n\n<p><strong>Failed login count: 0, while max tries is: 0<br> Total  login count: 3<br> ** No NT MD4 hash found. This user probably has a BLANK password!<br> ** No LANMAN hash found either. Try login with no password!<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>&#8211; &#8211; &#8211; User Edit Menu:<br> 1 &#8211; Clear (blank) user password<br> (2 &#8211; Unlock and enable user account) [seems unlocked already]<br> 3 &#8211; Promote user (make user an administrator)<br> 4 &#8211; Add user to a group<br> 5 &#8211; Remove user from a group<br> q &#8211; Quit editing user, back to user select<br> Select: [q] ><\/strong><\/li><\/ul>\n\n\n\n<p>On acc\u00e8de \u00e0 un certain nombre de commandes permettant de d\u00e9bloquer le compte utilisateur, r\u00e9initialiser le mot de passe ou donner les droits d&rsquo;administration. Attention j&rsquo;ai pu constater que \u00e7a marchait bien, sauf qu&rsquo;en quittant la commande <strong>chntpw <\/strong>il ne sauvegardait rien ! Je me suis pris autrement en tapant pour le compte Olivier<\/p>\n\n\n\n<p><strong>chntpw -u Olivier sam<\/strong><\/p>\n\n\n\n<p>ce qui donne<\/p>\n\n\n\n<p><strong>chntpw version 1.00 140201, (c) Petter N Hagen<br> Hive  name (from header): &lt;\\SystemRoot\\System32\\Config\\SAM><br> ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <br> File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)<br> Used for data: 273\/87760 blocks\/bytes, unused: 18\/10288 blocks\/bytes.<\/strong><\/p>\n\n\n\n<p><strong>================= USER EDIT ====================<\/strong><\/p>\n\n\n\n<p><strong>RID     : 1002 [03ea]<br> Username: Olivier<br> fullname: Olivier<br> comment : <br> homedir : <\/strong><\/p>\n\n\n\n<p><strong>00000221 = Benutzer (which has 4 members)<\/strong><\/p>\n\n\n\n<p><strong>Account bits: 0x0210 =<br> [ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. | <br> [ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     | <br> [ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   | <br> [X] Pwd don&rsquo;t expir | [ ] Auto lockout    | [ ] (unknown 0x08)  | <br> [ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  | <\/strong><\/p>\n\n\n\n<p><strong>Failed login count: 0, while max tries is: 0<br> Total  login count: 4<br> ** No NT MD4 hash found. This user probably has a BLANK password!<br> ** No LANMAN hash found either. Try login with no password!<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>&#8211; &#8211; &#8211; User Edit Menu:<br> 1 &#8211; Clear (blank) user password<br> (2 &#8211; Unlock and enable user account) [seems unlocked already]<br> 3 &#8211; Promote user (make user an administrator)<br> 4 &#8211; Add user to a group<br> 5 &#8211; Remove user from a group<br> q &#8211; Quit editing user, back to user select<br> Select: [q] ><\/strong><\/li><\/ul>\n\n\n\n<p>Pour le passer administrateur, je tape 3, et voil\u00e0 ce que \u00e7a donne<\/p>\n\n\n\n<p><strong>=== PROMOTE USER<\/strong><\/p>\n\n\n\n<p><strong>Will add the user to the administrator group (0x220)<br> and to the users group (0x221). That should usually be<br> what is needed to log in and get administrator rights.<br> Also, remove the user from the guest group (0x222), since<br> it may forbid logins.<\/strong><\/p>\n\n\n\n<p><strong>(To add or remove user from other groups, please other menu selections)<\/strong><\/p>\n\n\n\n<p><strong>Note: You may get some errors if the user is already member of some<br> of these groups, but that is no problem.<\/strong><\/p>\n\n\n\n<p><strong>Do it? (y\/n) [n] : y<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Adding to 0x220 (Administrators) \u2026<br> sam_put_user_grpids: success exit<\/strong><\/li><li><strong>Adding to 0x221 (Users) \u2026<br> sam_put_user_grpids: success exit<\/strong><\/li><li><strong>Removing from 0x222 (Guests) \u2026<br> remove_user_from_grp: NOTE: group not in users list of groups, may mean user not member at all. Safe. Continuing.<br> remove_user_from_grp: NOTE: user not in groups list of users, may mean user was not member at all. Does not matter, continuing.<br> sam_put_user_grpids: success exit<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Promotion DONE!<br> ================= USER EDIT ====================<\/strong><\/p>\n\n\n\n<p><strong>RID     : 1002 [03ea]<br> Username: Olivier<br> fullname: Olivier<br> comment : <br> homedir : <\/strong><\/p>\n\n\n\n<p><strong>00000221 = Benutzer (which has 4 members)<br> 00000220 = Administratoren (which has 3 members)<\/strong><\/p>\n\n\n\n<p><strong>Account bits: 0x0210 =<br> [ ] Disabled        | [ ] Homedir req.    | [ ] Passwd not req. | <br> [ ] Temp. duplicate | [X] Normal account  | [ ] NMS account     | <br> [ ] Domain trust ac | [ ] Wks trust act.  | [ ] Srv trust act   | <br> [X] Pwd don&rsquo;t expir | [ ] Auto lockout    | [ ] (unknown 0x08)  | <br> [ ] (unknown 0x10)  | [ ] (unknown 0x20)  | [ ] (unknown 0x40)  | <\/strong><\/p>\n\n\n\n<p><strong>Failed login count: 0, while max tries is: 0<br> Total  login count: 4<br> ** No NT MD4 hash found. This user probably has a BLANK password!<br> ** No LANMAN hash found either. Try login with no password!<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>&#8211; &#8211; &#8211; User Edit Menu:<br> 1 &#8211; Clear (blank) user password<br> (2 &#8211; Unlock and enable user account) [seems unlocked already]<br> 3 &#8211; Promote user (make user an administrator)<br> 4 &#8211; Add user to a group<br> 5 &#8211; Remove user from a group<br> q &#8211; Quit editing user, back to user select<br> Select: [q] ><\/strong><\/li><\/ul>\n\n\n\n<p>et  cette fois-ci quand je lui demande de quitter, il me demande bien de sauvegarder la modification<\/p>\n\n\n\n<p><strong>Hives that have changed:<br>  #  Name<br>  0  <br> Write hive files? (y\/n) [n] : y<br>  0   &#8211; OK<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Voulant r\u00e9installer le launchpad Novation MK2 sur le nouveau ThinkPad T440p sous windows 7 professionnel pour ma fille, je me suis rendu compte que j&rsquo;avais n\u00e9gligemment oubli\u00e9 le mot de passe d&rsquo;administrateur ! C&rsquo;est ballot, fort heureusement avec une partition sous linux, on peut faire pas mal de chose avec une commande qui s&rsquo;appelle chntpw &hellip; <a href=\"https:\/\/olivier.hoarau.org\/?p=3343\" class=\"more-link\">Continuer la lecture de <span class=\"screen-reader-text\">R\u00e9cup\u00e9rez un mot de passe windows de linux<\/span>  <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","_share_on_mastodon":"0"},"categories":[5],"tags":[],"class_list":["post-3343","post","type-post","status-publish","format-standard","hentry","category-logiciels-libres"],"share_on_mastodon":{"url":"","error":""},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/peOjJ-RV","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=\/wp\/v2\/posts\/3343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3343"}],"version-history":[{"count":2,"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=\/wp\/v2\/posts\/3343\/revisions"}],"predecessor-version":[{"id":3346,"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=\/wp\/v2\/posts\/3343\/revisions\/3346"}],"wp:attachment":[{"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3343"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3343"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/olivier.hoarau.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}