First of all, please read the following important instructions about this tutorial:
Please note, during this tutorial you are going to advance deeply into your operating system, so we kindly ask you to be careful while running these commands. Furthermore, we ask for your understanding, that Contabo is not be liable for damages or data loss of your operating system.
Please be also informed, that this tutorial is not working on Dedicated Servers along with Windows operating system without a KVM over IP device. We kindly ask you to open a ticket at support@contabo.com if we should assist you.
This tutorial offers the opportunity to reset the system password for the "root" and "Administrator" users, so you should be able to logon to your server again in case you have lost or forgotten the password.
Please just go to your Customer Control Panel for performing a reboot of your VPS / Dedicated Server into the rescue mode. Therefore, you have to navigate to the "Your services" menu, followed by "Manage" -> "rescue mode".
(The login credentials of your customer control panel have been sent in our initial e-mail to your authorized e-mail address)
Password reset for Linux:
1. List system partitions:
root@sysresccd /root % fdisk -l
....
Device Boot Start End Blocks Id System
/dev/sda1 * 2048 961146879 480572416 83 Linux
/dev/sda2 961146880 976771071 7812096 82 Linux swap / Solaris
....
2. Mount system partitions:
root@sysresccd /root % mkdir /mnt/sda1
root@sysresccd /root % mount /dev/sda1 /mnt/sda1
3. Now you can change to the mounted environment:
root@sysresccd /root % chroot /mnt/sda1 /bin/bash
4. Reset the root password:
root@sysresccd:/# passwd root
Enter new UNIX password: <new password>
Retype new UNIX password: <new password>
passwd: password updated successfully
5. The root password has been changed, please exit the rescue mode and reboot your server back to the operating system:
root@sysresccd:/# exit
exit
root@sysresccd /root % exitrescue
Server was set to boot from normal harddisk at the next boot!
Please enter "reboot" to reboot the system!
root@sysresccd /root % reboot
Now you should be able to login using the new password.
Password reset for Windows:
1. List system partitions:
root@sysresccd /root % fdisk -l
....
Device Boot Start End Sectors Size Id Type
/dev/vda1 * 2048 718847 716800 350M 27 Hidden NTFS WinRE
/dev/vda2 718848 629143551 628424704 299.7G 7 HPFS/NTFS/exFAT
....
2. Mount system partitions:
root@sysresccd /root % mkdir /mnt/vda2
root@sysresccd /root % ntfs-3g /dev/vda2 /mnt/vda2
Please note: If now an error message appears, please enter the following command before you are going to mount the system partition:
root@sysresccd /root % ntfsfix /dev/vda2
Mounting volume... OK
Processing of $MFT and $MFTMirr completed successfully.
Checking the alternate boot sector... OK
NTFS volume version is 3.1.
NTFS partition /dev/vda2 was processed successfully.
3. Now you can change to the system directory:
root@sysresccd /root % cd /mnt/vda2/Windows/System32/config
4. Print all system users:
root@sysresccd /root/mnt/vda2/Windows/System32/config % chntpw -l SAM
chntpw version 1.00 140201, (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)
Used for data: 302/27480 blocks/bytes, unused: 28/5032 blocks/bytes.
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator | ADMIN | |
| 01f5 | Guest | | dis/lock |
5. Reset the Administrator password:
root@sysresccd /root/mnt/vda2/Windows/System32/config % chntpw SAM -u Administrator
chntpw version 1.00 140201, (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)
Used for data: 302/27504 blocks/bytes, unused: 28/5008 blocks/bytes.
================= USER EDIT ====================
RID : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :
00000220 = Administrators (which has 1 members)
Account bits: 0x0010 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |
Failed login count: 0, while max tries is: 0
Total login count: 82
- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > 1
Password cleared!
================= USER EDIT ====================
RID : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :
00000220 = Administrators (which has 1 members)
Account bits: 0x0010 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |
Failed login count: 0, while max tries is: 0
Total login count: 82
** No NT MD4 hash found. This user probably has a BLANK password!
** No LANMAN hash found either. Try login with no password!
- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > q
Hives that have changed:
# Name
0 <SAM>
Write hive files? (y/n) [n] : y
0 <SAM> - OK
6. The Administrator password has been changed, you can check this as follows:
root@sysresccd /root/mnt/vda2/Windows/System32/config % chntpw -i SAM
===== chntpw Edit User Info & Passwords ====
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator | ADMIN | *BLANK* |
| 01f5 | Guest | | dis/lock |
Please enter user number (RID) or 0 to exit: [1f4] 0
Please note: The *BLANK* entry indicates, that currently no Administrator password is set!
7. Exit the rescue mode and reboot your server back to the operating system:
root@sysresccd /root % exitrescue
Server was set to boot from normal harddisk at the next boot!
Please enter "reboot" to reboot the system!
root@sysresccd /root % reboot
8. Last of all, you can login to your server via VNC without password for setting a new password. Therefore, please choose one of the following options:
(The login credentials of your VNC access have been sent in our initial e-mail to your authorized e-mail address)
1st option:
Control panel > User accounts > User accounts > Manage accounts > Change account > Create password
2nd option:
Please open the command prompt on the desktop and enter the following command:
C:\Users\Administrator> net user Administrator <password>
A new password has been created, it is valid for the "Administrator" user account from now on.
