Kon-Boot: Bypass Windows login-password with a LiveCD

KryptosLogic splash screenKon-Boot is a great LiveCD that allows you to bypass any Windows login-passwords, in case you’ve forgotten the password, and tools like Ophcrack isn’t able to find your password. Kon-Boot works by patching the windows logon-process in memory, to be able to accept all passwords entered on the logon-screen.
Notes and cautions:

  • Kon-Boot has become payware, but the old version of the software is still freeware. Only the new, payware, version of the software works on both 32-bit and 64-bit Windows, while the old freeware version only works on 32-bit Windows.
  • If you are using Kon-Boot to logon to a domain user, you would of course not be able access the networked resources, only the local resources on the computer.
  • If you logon to a domain user on a PC that isn’t connected to the domain server at the moment, the cached password of that user will be changed. This means that if you later try to logon with the domain user with the original password, you wouldn’t be able to do that if the PC is still not connected to the domain server.
  • If the user has some encrypted folders in the homefolder you wouldn’t be able to access those files, and if you decide to change the password once logged in via the Kon-Boot hack the user might loose access to that folder forever.

Kon-Boot splash screen

The program has been tested under the following Windows versions:
Windows Server 2008 Standard SP2 (v.275), Windows Vista SP0, SP1 and SP2, Windows Server 2003 Enterprise,
Windows XP, Windows XP SP1, SP2 and SP3 and finally Windows 7. So it should probably work with all Windows versions after Windows 2000. It doesn’t seem to be working with Windows 2000.
Note, it might not work with older computers or virtual computers. I tested it on an old Aopen XC cube, and the computer just crashed very early in the boot process. The same problem occured when I tested the ISO image in VirtualBox. It seems like Kon-Boot crashes if the following message is shown:

  • Dummy BIOS detected, trying to fix SMAP entries.

Leave a Reply

Your email address will not be published.