# Change User Password

If you encounter an account with a correct password but either `STATUS_PASSWORD_MUST_CHANGE` or `STATUS_PASSWORD_EXPIRED`, you usually won't be able to use it.\
However, with the `change-password` module, you can change the password of a target user.

You can also abuse `ForceChangePassword` to change the password of a user with this module.

### Change Password of the Current User

Change the password of the current user to NewPassword or a new NT hash:

```bash
nxc smb <ip> -u user -p pass -M change-password -o NEWPASS=NewPassword
nxc smb <ip> -u user -p pass -M change-password -o NEWNTHASH=31d6cfe0d16ae931b73c59d7e0c089c0
```

<figure><img src="/files/iYUbvkpiZlq5qHbyenlW" alt=""><figcaption><p>Reset Password of current the user</p></figcaption></figure>

### Change Password of a different User

Change the password of different user with `ForceChangePassword` or admin privileges to NewPassword or a new NT hash:

```bash
nxc smb <ip> -u user -p pass -M change-password -o USER=TargetUser NEWPASS=NewPassword
```

![Change Password](/files/kKpZfQmhB2deImmD136x)

Change the NT hash of TargetUser to 10C035D527CA60BE3ADF51996E7CD7E1

```bash
nxc smb <ip> -u user -p pass -M change-password -o USER=TargetUser NEWHASH=10C035D527CA60BE3ADF51996E7CD7E1
```

![Change Hash](/files/9nxxVgb6ZiEfkVw5Y2wU)

Made by [@FaganAfandiyev](https://x.com/kriyosthearcane), [@termanix](https://github.com/termanix) and [@NeffIsBack](https://x.com/al3x_n3ff).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.netexec.wiki/smb-protocol/change-user-password.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.