1. First, you will start up the computer (or restart
it).
2. While the computer is coming up and you can
see it saying, “ Starting Windows ,” grab and
hold down the power button until it does a
hard-shutdown.
3. This will make Windows have an issue. It will
think it is broken and ask you if you want to
Launch Repair, or Start Normally. You will
choose to Launch Startup Repair .
4. Startup repair will boot up and take a little
while, then it will ask you if you want to use a
System Restore Point. You are going to choose
“ Cancel.”
5. Now is the long part… You will wait, and wait.
After a long time, you will get a dialogue
telling you that Startup Repair could not repair
the computer automatically! What! After all
that waiting? That is okay, because this plays
right into our plans. So, you will click on the
down arrow in the bottom left so you can see
the Problem Details.
6. Now you will click on the link at the very end
of the Detail Report. It is the link for the
Privacy Statement .
7. Notepad will come up with the Privacy
statement in it. You will go on the File menu
and go to Open.
8. Using the Open Dialogue, you will go to
“ Computer” –> “Local Disk” –> “ Windows” –>
“ System 32”
9. Now, don’t forget to switch from “Text
Documents” to “All Files ” so you can see
every file in this folder.
10. Find the application file “sethc” This is the
accessibility keys program.
11. Rename this file as a backup file: I named it
“ sethc-bak ”
12. Now find the file: “cmd ” in the same folder.
This is your command prompt. Right click on
this one and go to Copy. Then right click in the
white background of the folder and Paste .
13. You will now have a file called “ cmd – Copy.”
You need to rename this to “ sethc”. Then close
out of all the windows and finish, so that the
computer restarts.
14. You will now be at the Login prompt (where
you don’t know the password). Hit the Shift
Key on your keyboard 5 times.
15. The Command Prompt with Administrator
Privileges comes up!
16. You will type in:
net user
and then make note if your intended victim
username. If the username you have at the
login screen is not here, then it is probably a
mask for one of the ones here on the net user
screen. Choose wisely.
17. You can find out which user is in the admin
group by simply typing:
net user [username]
for each one.
18. To reset the password, type in:
net user [username] *
This will give you a prompt to type a new
password. Keep in mind that if you set it to
something new, the user will definitely not be
able to get into their computer. However, if
you just leave it blank, they will not be
prompted for login. It is much more likely this
way, that they will think it is some fluke.
Maybe you put something on to monitor them,
and now they will just set their password again
and go on about their business. Whereas, if
they can’t get in because you changed the
password, they will probably wipe the drive.
19. Either way, you will put the corresponding
password into the login box after and you will
be in!
so enjoy .........
it).
2. While the computer is coming up and you can
see it saying, “ Starting Windows ,” grab and
hold down the power button until it does a
hard-shutdown.
3. This will make Windows have an issue. It will
think it is broken and ask you if you want to
Launch Repair, or Start Normally. You will
choose to Launch Startup Repair .
4. Startup repair will boot up and take a little
while, then it will ask you if you want to use a
System Restore Point. You are going to choose
“ Cancel.”
5. Now is the long part… You will wait, and wait.
After a long time, you will get a dialogue
telling you that Startup Repair could not repair
the computer automatically! What! After all
that waiting? That is okay, because this plays
right into our plans. So, you will click on the
down arrow in the bottom left so you can see
the Problem Details.
6. Now you will click on the link at the very end
of the Detail Report. It is the link for the
Privacy Statement .
7. Notepad will come up with the Privacy
statement in it. You will go on the File menu
and go to Open.
8. Using the Open Dialogue, you will go to
“ Computer” –> “Local Disk” –> “ Windows” –>
“ System 32”
9. Now, don’t forget to switch from “Text
Documents” to “All Files ” so you can see
every file in this folder.
10. Find the application file “sethc” This is the
accessibility keys program.
11. Rename this file as a backup file: I named it
“ sethc-bak ”
12. Now find the file: “cmd ” in the same folder.
This is your command prompt. Right click on
this one and go to Copy. Then right click in the
white background of the folder and Paste .
13. You will now have a file called “ cmd – Copy.”
You need to rename this to “ sethc”. Then close
out of all the windows and finish, so that the
computer restarts.
14. You will now be at the Login prompt (where
you don’t know the password). Hit the Shift
Key on your keyboard 5 times.
15. The Command Prompt with Administrator
Privileges comes up!
16. You will type in:
net user
and then make note if your intended victim
username. If the username you have at the
login screen is not here, then it is probably a
mask for one of the ones here on the net user
screen. Choose wisely.
17. You can find out which user is in the admin
group by simply typing:
net user [username]
for each one.
18. To reset the password, type in:
net user [username] *
This will give you a prompt to type a new
password. Keep in mind that if you set it to
something new, the user will definitely not be
able to get into their computer. However, if
you just leave it blank, they will not be
prompted for login. It is much more likely this
way, that they will think it is some fluke.
Maybe you put something on to monitor them,
and now they will just set their password again
and go on about their business. Whereas, if
they can’t get in because you changed the
password, they will probably wipe the drive.
19. Either way, you will put the corresponding
password into the login box after and you will
be in!
so enjoy .........
0 comments:
Post a Comment