Press shift key 5 times and the sticky key dialog shows up.This works even at the logon screen. But If we replace
the sethc.exe which is responsible for the sticky key dialog,with cmd.exe, and then call sethc.exe by pressing
shift key 5 times at logon screen,we will get a command prompt with administrator privilages because no user
has logged on. From there we can hack the administrator password,even from a guest account.
Prerequisites
Guest account with write access to system 32.
Here is how to do that -
* Go to C:/windows/system32
* Copy cmd.exe and paste it on desktop
* rename cmd.exe to sethc.exe
* Copy the new sethc.exe to system 32,when windows asks for overwriting the file,then click yes.
When asked to overwrite,overwrite the sethc.exe
* Now Log out from your guest account and at the user select window,press shift key 5 times.
* Instead of Sticky Key confirmation dialog,command prompt with full administrator privileges will open.
* Now type “ NET USER ADMINISTRATOR lifestyle” where “lifestyle” can be any password you like and press enter.
* You will see “ The Command completed successfully” and then exit the command prompt and login into administrator
with your new password.
* Congrats You have hacked admin from guest account.
Everything is possible!!!!
No comments:
Post a Comment