1. Find a file named SAM. The SAM file does not have an extension.

2. Create a DOS boot disk

3. Boot into DOS and delete or renamed the SAM file

4. Boot back into NT and login as Administrator with no password.

This hack is great if you work on a locked down NT box and all you want is to listen to your damn MP3s!!! A couple of notes - this only works if you are using FAT16 or FAT32. Also I think it is better to rename files instead of deleting them because you can go back and fix any errors you have made and you can hide your not so 31337 hacking skills from IT. This only works locally. I have been told that this works in Windows 2000 as well but I have not tried it myself.

A much better way of doing this is to copy the SAM file onto the disk, then run l0phtcrack on it to actually find out the password. I have done this many times and it works a treat!

If NT is running on a NTFS filesystem and not FAT, you'll also have to put a program called NTFS2DOS on the boot disk and run it. This will allow you to access the SAM file from DOS.

Log in or register to write something here or to contact authors.