Windows 2008 R2 Blank Password

Home Forums Security Forgot Administrator Password Windows 2008 R2 Blank Password

Viewing 1 post (of 1 total)
  • Author

  • Robert R.

    system: Windows Server 2008R2 Datacenter

    A client inherited a Windows 2008 R2 server. She does not know any of the passwords to log in to the system.

    Before bringing it to me, she took it to a commercial computer service center whose initials are G.S.

    I was able to recover the data simply by booting to a Knoppix Live CD and copying the data to an external USB hard drive.

    However, she would like to be able to log in to the system, in order to use the applications already installed to open the data files.

    I have tried several utilities to reset or blank the Administrator password. However

    (1) the password cannot be reset, because it is already blank
    (2) when I try to log in to Windows as Administrator using a blank password, I get “the user name or password is incorrect”

    Attached are photos from “Offline NT Password & Registry Editor” (via an article here).

    I also tried using chntpw from an Ubuntu live CD, per instructions from Make Us Of. Output is below.

    I have used other tools, such as Trinity Rescue Kit, with the same results.

    Since I cannot change a blank password using various password reset tools, and cannot log in with a blank password, I am at a loss as to what my next step should be.

    Any suggestions would be greatly appreciated.

    [email protected]:/media/2064308B64306626/Windows/System32/config$ pwd
    [email protected]:/media/2064308B64306626/Windows/System32/config$ sudo chntpw SAM
    chntpw version 0.99.6 080526 (sixtyfour), (c) Petter N Hagen
    Hive name (from header): < SystemRootSystem32ConfigSAM>
    ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c
    Page at 0x7000 is not ‘hbin’, assuming file contains garbage at end
    File size 262144 [40000] bytes, containing 6 pages (+ 1 headerpage)
    Used for data: 212/16200 blocks/bytes, unused: 9/8184 blocks/bytes.

    * SAM policy limits:
    Failed logins before lockout is: 0
    Minimum password length : 0
    Password history count : 0
    | RID -|


    | Admin? |- Lock? –|
    | 01f4 | Administrator | ADMIN | *BLANK* |
    | 01f5 | Guest | | dis/lock |

    SYSTEM SecureBoot : -1 -> Not Set (not installed, good!)
    SAM AccountF : 0 -> off
    SECURITY PolSecretEncryptionKey: -1 -> Not Set (OK if this is NT4)
    Syskey not installed!

    RID : 0500 [01f4]
    Username: Administrator
    comment : Built-in account for administering the computer/domain
    homedir :

    User is member of 1 groups:
    00000220 = Administrators (which has 2 members)

    Account bits: 0x0210 =
    [ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
    [ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
    [ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
    [X] Pwd don’t expir | [ ] Auto lockout | [ ] (unknown 0x08 ) |
    [ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |

    Failed login count: 0, while max tries is: 0
    Total login count: 0
    ** No NT MD4 hash found. This user probably has a BLANK password!
    ** No LANMAN hash found either. Sorry, cannot change. Try login with no password!

    – – – – User Edit Menu:
    1 – Clear (blank) user password
    2 – Edit (set new) user password (careful with this on XP or Vista)
    3 – Promote user (make user an administrator)
    (4 – Unlock and enable user account) [seems unlocked already]
    q – Quit editing user, back to user select
    Select: [q] > 2
    Sorry, unable to edit since password seems blank already (thus no space for it)

    Hives that have changed:
    # Name

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: