Bypass Windows Password Using Kon-Boot
Hasn’t this happened to all of us IT professionals at one point in our careers: A client is going to be traveling out of the country on a vacation and he is leaving his computer for you to fix; he is of course, expecting his computer to be ready when he comes back. He leaves for his trip, you turn the computer on and you realize you can’t get into Windows because he did not leave you his password. What do you do now? You bypass it! Fortunately there is a program called Kon-Boot which will let you bypass the Windows password and go right into the operating system. Kon-boot does not alter Windows in any way; it works by changing the Windows kernel virtually so when the computer is rebooted it is back to its original state.
The following is a list of supported operating systems; see if your qualifies and proceed.
Instructions
Download Kon-boot ISO image and burn it to a CD using your favorite burning software.
Insert the CD in your CD-ROM drive and boot from it. To do this, make sure your CD-ROM is set as first boot device on your computer’s BIOS.
Press enter in the first splash screen.
Kon-boot will display a second splash screen, you do not have to do anything here, just let it run.
Kon-boot will then boot the Windows version on your computer’s hard drive, as explained before it will do so with a kernel that has been modified virtually; nothing on the computer’s hard drive is modified.
Once you get to your Windows screen, leave the password field blank and just press enter.
Windows will then let you access your desktop, just like if the computer had no password at all. As simple as that!
Final Thoughts
Bypassing a Windows password has never been easier. Seems unbelievable how fast Kon-boot can work its magic. This is a very useful tool indeed, not only for those times were you have forgotten your password, or your client’s, but also to conduct security audits, penetration testing, forensics investigation, etc. If you are interested in this tool for your workplace, there is a commercial version made by Kryptos Logic as well.