Package: chntpw Version: 0.99.5-0+nmu1 Severity: wishlist Tags: patch Hello,
This utility can be very useful, and its operation is well documented. However, what is documented nowhezre is where to find the SAM file it is to work on. So here are two patches, to give the usual location of this file. In addition, I modified the example section so that it gives a complete use case. Regards, -- Tanguy Ortolo -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (990, 'stable'), (60, 'testing'), (50, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages chntpw depends on: ii libc6 2.10.2-2 GNU C Library: Shared libraries ii libgcrypt11 1.4.4-6 LGPL Crypto library - runtime libr chntpw recommends no packages. chntpw suggests no packages. -- no debconf information
--- README.txt.old 2010-02-15 11:29:20.543935178 +0100 +++ README.txt 2010-02-15 11:31:34.079765843 +0100 @@ -29,6 +29,8 @@ change user passwords in a Windows NT SAM userdatabase file. You do not need to know the old passwords. However, you need to get at the file some way or another yourself. +This file is usually located at \WINDOWS\system32\config\SAM on the +Windows main file system. In addition it contains a simple registry editor with full write support, and hex-editor which enables you to fiddle around with bits&bytes in the file as you wish yourself.
--- chntpw.8.old 2010-02-15 11:31:44.471732663 +0100 +++ chntpw.8 2010-02-15 11:48:03.735933060 +0100 @@ -35,7 +35,8 @@ .PP .B chntpw is a utility to view some information and change user passwords -in a Windows NT/2000 SAM userdatabase file. It is not necessary to +in a Windows NT/2000 SAM userdatabase file, usually located at +\\WINDOWS\\system32\\config\\SAM on the Windows file system. It is not necessary to know the old passwords to reset them. In addition it contains a simple registry editor (same size data writes) and hex-editor with which the information contained in a registry @@ -65,26 +66,36 @@ Show hexdumps of structs/segments (deprecated debug function). .SH EXAMPLES .TP -.B chntpw sam system +.B ntfs-3g /dev/sda1 /media/win ; cd /media/win/WINDOWS/system32/config/ +Mount the Windows file system and enters the directory +.B \\\\WINDOWS\\\\system32\\\\config +where Windows stores the SAM database. +.TP +.B chntpw SAM system Opens registry hives -.B sam +.B SAM and .B system and change administrator account. This will work even if the name has been changed or it has been localized (since different language versions of NT use different administrator names). .TP -.B chntpw -u jabbathehutt mysam +.B chntpw -l SAM +Lists the users defined in the +.B SAM +registry file. +.TP +.B chntpw -u jabbathehutt SAM Prompts for password for .B jabbathehutt and changes it in the -.B mysam -registry file, if found (otherwise do nothing) +.B SAM +registry file, if found (otherwise do nothing). .SH SEE ALSO If you are looking for an automated procedure for password recovery, you might look at the bootdisks provided by the upstream author at -.BR http://home.eunet.no/~pnordahl/ntpasswd/ +.BR http://home.eunet.no/~pnordahl/ntpasswd/ . .br There is more information on how this program works available at .IR /usr/share/doc/chntpw .
