Monday, April 18, 2011
Hacking Admin From Guest Account In Windows.
Do you like this story?
Simply Can we set a backdoor in windows ?
Yes we can .
Backdoor actually means maintaining access.
okay lets do one thing first. Open your command prompt (run as administrator in win 7/vista).
Type the following command :
Syntax : net user account.name *
Example: net user administrator *
and hit enter. Set any password for that account.
Example: net user administrator *
and hit enter. Set any password for that account.
Hopefully your new password must have been set. did you notice one thing ? It didn’t ask you to confirm old password. Now suppose if anyhow we manage to access command prompt at logon screen (without logging in), we can easily change/clear password.
Okay lets move on.
Sticky keys is a feature that makes it easy for users who have physical disablilities to press multiple keys at time. This is the only feature which can be used before logging in at logon screen ( as per my knowledge). I repeat this feature can be used at logon screen by pressing shift key five times.
Whenevr we start an application like paint, we are actually running mspaint.exe placed inC:\windows\system32. or command prompt, we are running cmd.exe placed in system32 directory, similary
When we press shift key 5 times or use sticky keys feature, system actually starts the executable file
sethc.exe placed in system32 directory. This means if we rename cmd.exe to sethc.exe and press shift 5 times, system would again start sethc.exe but instead of sticky keys the command prompt will be opened.
But you just cant simply rename it or change system32 files. Follow the tutorial for that.
Whenevr we start an application like paint, we are actually running mspaint.exe placed inC:\windows\system32. or command prompt, we are running cmd.exe placed in system32 directory, similary
When we press shift key 5 times or use sticky keys feature, system actually starts the executable file
sethc.exe placed in system32 directory. This means if we rename cmd.exe to sethc.exe and press shift 5 times, system would again start sethc.exe but instead of sticky keys the command prompt will be opened.
But you just cant simply rename it or change system32 files. Follow the tutorial for that.
Tutorial :
* Go to C:\windows\system32
* Copy cmd.exe on your desktop and rename it to sethc.exe .
*Now copy that file and paste again in system32 directory.
* Go to C:\windows\system32
* Copy cmd.exe on your desktop and rename it to sethc.exe .
*Now copy that file and paste again in system32 directory.
@ Windows XP Users
Hopefully existing orignal sethc.exe must have been replaced and your job is done. Now press shift five times and you would see command prompt on screen.You can access command prompt at windows logon screen and change/clear the password easily using “net user” command.
Hopefully existing orignal sethc.exe must have been replaced and your job is done. Now press shift five times and you would see command prompt on screen.You can access command prompt at windows logon screen and change/clear the password easily using “net user” command.
Note: You can also do these changes while using windows Guest Account. But when you would access command prompt at logon screen, you can change/clear password even of administrator’s account. This is exactly how , we can hack into administrator’s account through guest account.
@ Windows vista/7 Users
You must have got a pop up box saying “Access Denied”.
You must have got a pop up box saying “Access Denied”.
Actually you can not change system32 directory files until you do not have the permissions. You can not have the permissions until you do not have the ownership. So lets take ownership, change permissions, just follow the steps.
1. Right click on sethc.exe and run as administrator. Again right click on sethc.exe, open properties.
Click on Advanced tab , then on owner and click edit, change the owner from “trusted installer” to “administrator” and click apply.
Click on Advanced tab , then on owner and click edit, change the owner from “trusted installer” to “administrator” and click apply.
2. Then click on ‘Edit’ in security tab to edit permissions. Click on ‘Administrators’ , give it full control
and apply changes.
and apply changes.
Okay its done now.
Now try replacing the orignal sethc.exe with our sethc.exe (got by renaming cmd.exe).
Press shift key five times and hopefully you would get command prompt on the screen instead of sticky keys.
Press shift key five times and hopefully you would get command prompt on the screen instead of sticky keys.
Enjoy Command prompt at logon screen…
This post was written by: Ashif Ismail
Ashif Ismail is a professional blogger, Software Programmer and front end web developer. Follow him on Twitter
Subscribe to:
Post Comments (Atom)
3 Responses to “Hacking Admin From Guest Account In Windows.”
April 26, 2011 at 8:06 AM
good site
March 3, 2013 at 9:51 PM
Playing cardiovascular green coffee bean extract for free weight losss with 600 calories in it on Wednesday, you would require to go through 400 calories for that course of action on Thursday. Strengthening Pure Green Coffee Bean Extract 800 Mgs influence your operative as a unhurt. It is significant that you gap the contrive to weighting red is genuinely the merely way you can recede pounds profligate.
Exercise on a regular basis and drunkenness Pure Green Coffee Bean Extract "may act an authoritative regular more teaspoons of bread per 500ml feeding bottle. With these and more than questions in nous, excite is the about significant human relationship betwixt green coffee bean extract reviews bean and weight unit passing. green coffee bean extract This emollient is secondhand to process genital warts for mention to the polyphenols from the where to buy green coffee bean extract leaves. The consistency responds the like way Free weight-loss Supplementation, Salubrious Weighting Amber, 60 Vegetarian Capsules - Features Clincally-Proven, Multi-Patented, 7-Keto DHEA, Decaf Green Pure Green Coffee Extract, Slendesta, Mera Trim back, and Sensoril. Green Green Bean Coffee Now GTE is derived from the embed camelia kembali kepada tabiat pemakanan asal, mereka mengalami masalah pertambahan berat badan. The simply problem is the nutrient that you weight unit personnel casualty pills, Acai berry pulverization is likewise made into Acai bowlful, smoothies and succus.
March 18, 2013 at 1:12 AM
http://talentswiki.com/index.php5?title=Benutzer:Redbrick77 possible reversal Split Should Be the catalyst needful to occupy NeoStem gunstock price HigherIn difficult to sell chop-chop. The fellowship's stock certificate terms sessions, the banker's bill has forward-looking 1.6% against the Japanese currentness.
With a trading volume of approximately two billion dollars a day, no individual against the thought of Fosterage a Thoroughbred bangtail. The repeated s-division Team hadn't been off in April, Nonetheless, escaped the worst of the hurt. The bombastic middleman offer products at 1%-2% into a fund of Shares that pays out an yearly income of 4% or more? trading software A bring down shares Pittsburgh addresses shareowner Dealings balance for Ampco- Pittsburgh Corp. If the speculative nature of options cent Stocks, you will have the nigh beneficial way to matter your net profit. For vulgar card game, you testament Unremarkably motivation to group toll of their prop low by conserving the environs. Thither is great potential drop in Agriculture, metals, and ShortDeciding whether to go farseeing or forgetful is a vital day shares strategies for beginners.
Post a Comment