2013
01.07

Bash script to help run chntpw.
I wrote this to save some steps when resetting passwords.
It will mount the drive you choose, then launch chntpw.
When you are done, it will unmount the drive.

Nothing special, I just wrote it for my own use.
But if you want it, it is yours.

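#!/bin/bash
# Bash script to mount a Windows (NTFS) partition at /mnt/Windows, launch
# chntpw interactively on its SAM hive, and unmount the partition afterwards.
# Version 1 --I doubt there will be any updates
#
# Needs root: fdisk -l, mount and umount are called directly.
# NOTE(review): chntpw works on the SAM hive file of the mounted disk itself;
# copy the hive aside first if the edit must be reversible.

# style variables (ANSI colour escapes, expanded by echo -e / printf %b)
execstyle="[\e[01;32mx\e[00m]" # execute msgs style
warnstyle="[\e[01;31m!\e[00m]" # warning msgs style
infostyle="[\e[01;34mi\e[00m]" # informational msgs style

readonly MOUNT_POINT=/mnt/Windows
readonly SAM_FILE="$MOUNT_POINT/Windows/System32/config/SAM"
readonly CHNTPW_DIR=/pentest/passwords/chntpw

# Set to 1 once this run has mounted the partition itself, so that an early
# exit only unmounts what the script mounted.
mounted_here=0

# Print the title banner shown at the top of every screen.
banner() {
  echo -e "\e[1;1m..----=====*****((  MOUNT SCRIPT & CHNTPW  ))*******=====----..\e[0m"
  echo -e "\e[31m *************************************************************\e[0m"
  echo -e "\e[31m *                                                           *\e[0m"
  echo -e "\e[31m * \e[1;37m                      By Reaperz                          \e[0;31m*\e[0m"
  echo -e "\e[31m *                                                           *\e[0m"
  echo -e "\e[31m * \e[1;37m        http://www.yourgeekonthego.com/wordpress/         \e[0;31m*\e[0m"
  echo -e "\e[31m *                                                           *\e[0m"
  echo -e "\e[31m *************************************************************\e[0m"
}

# Print a warning ($1) to stderr, unmount the partition if this run mounted
# it, and exit with status 1.
abort() {
  printf '%b %s\n' "$warnstyle" "$1" >&2
  if (( mounted_here )); then
    umount "$MOUNT_POINT"
  fi
  exit 1
}

clear
banner
echo ""
echo -e "$infostyle This tool will mount your windows drive and make it accessable for chntpw use"
echo ""
echo -e "    You may press CTRL C to stop this tool at any time."
echo ""
echo ""
read -r -p "Press enter to list all drives"
fdisk -l
echo -e "-----------------------------------------------------------------------"
echo -e "$infostyle Enter a disk from list to be mounted"
echo -e "$warnstyle Enter only the last part ie. sda1, sda2 etc: "
read -r -e DISK

# DISK is typed by the operator and ends up in a device path handed to mount
# as root, so accept it only if it names an existing block device under /dev.
# An empty answer yields /dev/, which is rejected here as well.
if [[ ! -b "/dev/$DISK" ]]; then
  abort "/dev/$DISK is not a block device"
fi

clear
banner
echo -e "$execstyle Mounting /dev/$DISK to /mnt/Windows"

mkdir -p "$MOUNT_POINT"
if mount -t ntfs "/dev/$DISK" "$MOUNT_POINT"; then
  mounted_here=1
else
  # Kept as a warning rather than a hard stop: the partition may already be
  # mounted at the mount point, which the original flow tolerated.
  echo -e "$warnstyle If you got an error message, $DISK may not exist or the drive may already be mounted"
fi
echo -e "$infostyle If you wish to unmount later: umount /mnt/Windows"
echo

# After a failed mount there may be nothing under the mount point; stop here
# instead of starting chntpw on a path that does not exist.
if [[ ! -f "$SAM_FILE" ]]; then
  abort "$SAM_FILE not found"
fi

read -r -p "    Press enter to start chntpw"
clear

banner
echo ""

echo -e "$execstyle locating chntpw"
# ./chntpw below is resolved against the current directory. If this cd fails,
# the script must stop rather than run, as root, whatever file called chntpw
# sits in the directory the script was started from.
cd "$CHNTPW_DIR" || abort "cannot enter $CHNTPW_DIR"
[[ -x ./chntpw ]] || abort "no executable chntpw in $CHNTPW_DIR"
echo -e "$infostyle chntpw will now load the SAM file from windows"
echo ""
read -r -p "   Press enter to continue"

./chntpw -i "$SAM_FILE"
echo -e "$infostyle almost done lets unmount the drive "
read -r -p "    Press enter to unmount"
echo -e "$execstyle unmounting the drive "
umount "$MOUNT_POINT"
read -r -p "    Press enter to exit"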

2 comments so far

  1. #!/bin/bash
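    # bash script to mount windows drive and launch chntpw
    # Version 1.1
    # ----------Revisions------------
    # Added operating system detect to locate chntpw based on the current OS (ie. Kali, BackTrack) - HelpDeskMan
    # Added (fdisk -l | less) to easily view larger sized drive listings - HelpDeskMan
    # Fixed minor spelling mistakes - HelpDeskMan
    #
    # Needs root: fdisk -l, mount and umount are called directly.
    # NOTE(review): chntpw works on the SAM hive file of the mounted disk itself;
    # copy the hive aside first if the edit must be reversible.

    # style variables (ANSI colour escapes, expanded by echo -e / printf %b)
    execstyle="[\e[01;32mx\e[00m]" # execute msgs style
    warnstyle="[\e[01;31m!\e[00m]" # warning msgs style
    infostyle="[\e[01;34mi\e[00m]" # informational msgs style

    # other variables
    readonly MOUNT_POINT=/mnt/Windows
    readonly SAM_FILE="$MOUNT_POINT/Windows/System32/config/SAM"
    readonly BACKTRACK_DIR=/pentest/passwords/chntpw
    # First word of each /etc/issue line; trailing blank lines drop out in $( ).
    OS=$(awk '{print $1}' /etc/issue)

    # Set to 1 once this run has mounted the partition itself, so that an early
    # exit only unmounts what the script mounted.
    mounted_here=0

    # Print the title banner shown at the top of every screen.
    banner() {
      echo -e "\e[1;1m..----=====*****((  MOUNT SCRIPT & CHNTPW  ))*******=====----..\e[0m"
      echo -e "\e[31m *************************************************************\e[0m"
      echo -e "\e[31m *                                                           *\e[0m"
      echo -e "\e[31m * \e[1;37m                      By Reaperz                          \e[0;31m*\e[0m"
      echo -e "\e[31m * \e[1;37m                 Edited By HelpDeskMan                    \e[0;31m*\e[0m"
      echo -e "\e[31m *                                                           *\e[0m"
      echo -e "\e[31m * \e[1;37m        http://www.yourgeekonthego.com/wordpress/         \e[0;31m*\e[0m"
      echo -e "\e[31m *                                                           *\e[0m"
      echo -e "\e[31m *************************************************************\e[0m"
    }

    # Print a warning ($1) to stderr, unmount the partition if this run mounted
    # it, and exit with status 1.
    abort() {
      printf '%b %s\n' "$warnstyle" "$1" >&2
      if (( mounted_here )); then
        umount "$MOUNT_POINT"
      fi
      exit 1
    }

    clear

    banner
    echo ""
    echo -e "$infostyle This tool will mount your windows drive and make it accessible for chntpw use"
    echo ""
    echo -e "    You may press CTRL C to stop this tool at any time."
    echo ""
    echo ""
    echo -e "$infostyle Find the disk you want to mount (ie. sda1, sda2, etc)"
    echo -e "$infostyle Press 'q' to exit the list"
    echo ""
    read -r -p "Press enter to list all drives"
    fdisk -l | less
    # Printed a second time so the listing is still on screen at the prompt.
    fdisk -l
    echo -e "-----------------------------------------------------------------------"
    echo -e "$infostyle Enter a disk from list to be mounted"
    echo -e "$warnstyle Enter only the last part ie. sda1, sda2 etc: "
    read -r -e DISK

    # DISK is typed by the operator and ends up in a device path handed to mount
    # as root, so accept it only if it names an existing block device under /dev.
    if [[ ! -b "/dev/$DISK" ]]; then
      abort "/dev/$DISK is not a block device"
    fi

    clear
    banner
    echo -e "$execstyle Mounting /dev/$DISK to /mnt/Windows"

    mkdir -p "$MOUNT_POINT"
    if mount -t ntfs "/dev/$DISK" "$MOUNT_POINT"; then
      mounted_here=1
    else
      # Kept as a warning rather than a hard stop: the partition may already be
      # mounted at the mount point, which the original flow tolerated.
      echo -e "$warnstyle If you got an error message, $DISK may not exist or the drive may already be mounted"
    fi
    echo -e "$infostyle If you wish to unmount later: umount /mnt/Windows"
    echo

    # After a failed mount there may be nothing under the mount point; stop here
    # instead of starting chntpw on a path that does not exist.
    if [[ ! -f "$SAM_FILE" ]]; then
      abort "$SAM_FILE not found"
    fi

    read -r -p "    Press enter to start chntpw"
    clear

    banner
    echo ""

    echo -e "$execstyle Detecting operating system"
    # Each branch only decides how chntpw is invoked; the shared prompt and the
    # actual call follow after esac.
    case $OS in

      # Kali OS: chntpw is expected on PATH
      Kali)
        echo -e "$infostyle Operating system: $OS"
        echo -e "$execstyle Locating chntpw"
        chntpw_cmd=(chntpw)
        ;;

      # BackTrack OS: chntpw lives in a fixed directory
      BackTrack)
        echo -e "$infostyle Operating system: $OS"
        echo -e "$execstyle Locating chntpw"
        # ./chntpw is resolved against the current directory, so a failed cd
        # must stop the script instead of running a stray ./chntpw as root.
        cd "$BACKTRACK_DIR" || abort "cannot enter $BACKTRACK_DIR"
        chntpw_cmd=(./chntpw)
        ;;

      # Other OS: search the filesystem, else ask the operator
      *)
        echo -e "$infostyle Operating system: Unknown"
        echo -e "$execstyle Locating chntpw"
        echo -e "$infostyle This may take a few minutes"
        # The Windows partition is already mounted at this point, so an
        # unrestricted 'find /' would also walk it and could select a file
        # named chntpw from the target disk, which would then be run as root.
        # Prune the mount point, and stop at the first match so the result is a
        # single path. '-perm /111' replaces the '+111' form that current GNU
        # find rejects.
        fpath=$(find / -path "$MOUNT_POINT" -prune -o \
          -name 'chntpw' -type f -perm /111 -print -quit)
        if [[ -n "$fpath" ]]; then
          # dirname instead of deleting the word "chntpw" with sed: the sed
          # form also mangles a parent directory that is itself named chntpw.
          chntpw_dir=$(dirname -- "$fpath")
          echo -e "$infostyle Chntpw found at $chntpw_dir"
          cd "$chntpw_dir" || abort "cannot enter $chntpw_dir"
        else
          echo -e "$warnstyle Chntpw was not found!"
          echo -e "$infostyle Enter the path to chntpw (ie. /usr/sbin/):"
          read -r -e mpath
          cd "$mpath" || abort "cannot enter $mpath"
        fi
        [[ -x ./chntpw ]] || abort "no executable chntpw in $PWD"
        chntpw_cmd=(./chntpw)
        ;;
    esac

    echo -e "$infostyle Chntpw will now load the SAM file from windows"
    echo ""
    read -r -p "   Press enter to continue"
    "${chntpw_cmd[@]}" -i "$SAM_FILE"

    echo -e "$infostyle Almost done lets unmount the drive "
    read -r -p "    Press enter to unmount"
    echo -e "$execstyle Unmounting the drive "
    umount "$MOUNT_POINT"
    read -r -p "    Press enter to exit"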
    
    
  2. This webpage took out part of the code. When setting the fpath variable, the sed command is missing content. After the backslash you need a less-than sign, then the word “chntpw”. Then you need another backslash and then the greater-than sign, so the expression reads s/\<chntpw\>//g. It will look similar to the second example here: http://www.cyberciti.biz/faq/howto-delete-word-using-sed-under-unix-linux-bsd-appleosx/
