The commercial licenses licenses out the software to one USB pendrive per license purchased.Ĭurrent version is able to bypass passwords on the following operating systems: Newest Kon-Boot releases are available only as commercial products and are still maintained. This version is still available as freeware This release provided additional support for bypassing Windows systems passwords on any Windows operating system starting from Windows Server 2008 to Windows 7. In 2009 author of this software announced Kon-Boot for Linux and 32-bit Microsoft Windows systems. Version 1.0 (freeware) allowed users to login into Linux based operating systems and to bypass the authentication process (allowing access to the system without knowing the password).
The main idea was to allow users to login to the target computer without knowing the correct password and without making any persistent changes to system on which it is executed.įirst Kon-Boot release was announced in 2008 on DailyDave mailing list.
PS: Also check out the options you have to reset a Windows password.Kon-Boot was originally designed as a proof of concept, freeware security tool, mostly for people who tend to forget their passwords. In one of my next posts, I will show you what you can do to prevent cleaning lady hacks.
Even though tools such as Kon-Boot won't give an attacker access to domain accounts, it is no big deal to install a Trojan with a keylocker on all your desktops and just wait until users or domain administrators enter more interesting passwords. I mostly reviewed Kon-Boot to demonstrate how important it is to ensure that computers in your network can't be hacked within a few seconds by a cleaning lady. Microsoft certainly could add one or two security levels that would prevent such easy hacks. However, removing a administrator password appears to me to be too easy. It is true that a computer is much easier to crack if you have physical access. On the other hand, I don't understand why Microsoft doesn't put a stop to such tools. It is kind of disrespectful to crack Windows on the fly. It is no wonder that Microsoft's Security Essentials also classifies the tool as dangerous. This is probably because its publisher markets Kon-Boot as a hacking tool. If you have tried the tool on Windows 7, please let me know in a comment below.īefore you try the tool, you should know that some antivirus vendors identify Kon-Boot as malware.
So perhaps all my Windows 7 installations just had something in common that Kon-Boot didn't like. The publisher claims that the recently updated version also supports Windows 7, and reports on the web appear to confirm this. It worked consistently fine, however, on Vista and Windows XP. On Windows 7 Ultimate, it simply wasn't able to remove the password, and crashed a freshly installed Windows 7 Home Premium computer. I have tried the tool on a couple of Windows 7 machines and it failed several times. However, I can't really recommend this tool. I think, this would be the perfect password remove tool for all those desperate computer laymen who want to access their computer as quickly as possible without bothering their heads with terms such as system drive or SAM database. If you reboot again without using Kon-Boot you need the old passwords. Thus the tool doesn't change the SAM database.
Update (see comment below): Kon-Boot changes the contents of the Windows kernel on the fly while booting allowing you to log on without password. Kon-Boot just reboots Windows and sets an empty password for all accounts it finds, enabling you to log on to any of the local accounts without a password.
You don't receive a message that informs you whether the mission has been accomplished. The last part is very quick and only takes a fraction of the time that the tool needs to display its hello-world screens. You have to wait here until the ego screen finishes its display, and then Kon-Boot will finally do what it is supposed to do. Somehow this destroys the beauty of this tool because it would certainly be even cooler to hack Windows without touching a key.Īfter you press a key, a second "I-am-so-proud-to-be-hacker-screen" appears. At this point, you have to press a key for Kon-Boot to continue. Shortly after the CD drive starts spinning, you will see the Kon-Boot welcome screen.