Which Linux-based tool can change any user's password on a Windows 2008 R2 server?

Multiple Choice

Which Linux-based tool can change any user's password on a Windows 2008 R2 server?

Explanation:
This question tests offline Windows password reset using a Linux tool. Windows keeps password data in the SAM database, which can be modified only when you access those registry hives offline (for example, by booting a Linux environment and mounting the Windows drive). CHNTPW is a Linux-based utility specifically designed for this scenario. It reads the SAM and SYSTEM hives, and lets you clear a user’s password or assign a new one, effectively letting you log in without knowing the original password. In practice, you boot from a Linux live CD/USB, mount the Windows partition, run CHNTPW on the target user, choose to set or clear the password, and then reboot into Windows with the new credentials. If the drive is encrypted with BitLocker or similar, offline access to the hives won’t be possible until you handle the encryption keys.

Hydra is a network login brute-forcer and not meant to modify Windows password hashes offline. John the Ripper is a password-cracking tool for hashes, which helps reveal passwords but does not rewrite the Windows SAM to set a new password. Cain and Abel is a Windows-oriented password tool, not a Linux-based utility used for offline SAM edits.
