Wednesday, September 21

CREATE BACKDOOR & ACCESS WINDOWS AS ADMIN


CONCEPT

  • Sticky Keys is a feature that makes it easier for users who have physical disabilities to press multiple keys at a time. This is the only feature which can be used at the logon screen before logging in.
  • When we press the Shift key 5 times or use the Sticky Keys feature, the system actually starts the executable file "sethc.exe" placed in the System32 directory. "cmd.exe" is likewise placed in the System32 directory.
  • This means that if we rename "cmd.exe" to "sethc.exe" and press Shift 5 times, the system would again start "sethc.exe", but instead of Sticky Keys the command prompt will be opened.

STEPS
  • Go to "C:\Windows\System32" & find "cmd.exe".
  • Copy and paste it on the Desktop & rename it "sethc.exe".
  • Now copy this sethc.exe back to the System32 folder & paste. Windows will ask about overwriting it; confirm with Yes.
  • Log out & press the Shift key 5 times. A CMD window will open up. Type --> "net user" to see the admin name.
  • Then type --> "net user <admin-name> *" & set the password. Log in to Windows as Admin.

ERROR WHILE COPYING SETHC.EXE
  • Sometimes you may not be able to copy and paste "sethc.exe" into the System32 folder. You have to edit its permission settings.
  • Right-click on sethc.exe, Properties --> Security tab --> Advanced.
  • Go to Owner --> Edit.
  • Change its owner from "Trusted Installer" to "Administrator". Click Apply, then OK.
  • Now go again to Security --> Edit. Click on "Administrators" & tick all controls. Apply, OK & Exit.
  • You are done.
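
A defender-side check for the artefacts this procedure leaves behind, as an added example that is not part of the original post: it compares sethc.exe with cmd.exe by hash and inspects the owner and the Administrators permissions that the steps above change. The function name and output fields are hypothetical; the two SIDs are the well-known values for NT SERVICE\TrustedInstaller and BUILTIN\Administrators.

```powershell
# Added example, not from the original post. Function name and output fields are hypothetical.
function Test-StickyKeysBinary {
    param([string]$System32 = (Join-Path $env:SystemRoot 'System32'))

    $sidType          = [System.Security.Principal.SecurityIdentifier]
    $trustedInstaller = 'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
    $administrators   = 'S-1-5-32-544'
    $fullControl      = [System.Security.AccessControl.FileSystemRights]::FullControl

    $target   = Join-Path $System32 'sethc.exe'
    $cmd      = Join-Path $System32 'cmd.exe'
    $findings = @()

    if (-not (Test-Path -LiteralPath $target -PathType Leaf)) {
        return [pscustomobject]@{ Path = $target; Sha256 = $null; Suspicious = $true
                                  Findings = @('sethc.exe is missing') }
    }

    # 1. Content: sethc.exe must not be byte-identical to cmd.exe (the swap described above).
    $targetHash = (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
    if ((Test-Path -LiteralPath $cmd -PathType Leaf) -and
        ((Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash -eq $targetHash)) {
        $findings += 'sethc.exe has the same SHA-256 as cmd.exe'
    }

    # 2. Ownership: a stock system file is owned by TrustedInstaller, not Administrator(s).
    $acl      = Get-Acl -LiteralPath $target
    $ownerSid = $acl.GetOwner($sidType).Value
    if ($ownerSid -ne $trustedInstaller) {
        $findings += "owner SID is $ownerSid, expected TrustedInstaller"
    }

    # 3. Permissions: the 'tick all controls' step grants Administrators Full Control.
    $adminFull = $acl.GetAccessRules($true, $true, $sidType) | Where-Object {
        $_.IdentityReference.Value -eq $administrators -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $fullControl) -eq $fullControl
    }
    if ($adminFull) { $findings += 'Administrators group has Full Control on sethc.exe' }

    [pscustomobject]@{ Path = $target; Sha256 = $targetHash
                       Suspicious = ($findings.Count -gt 0); Findings = $findings }
}

Test-StickyKeysBinary | Format-List
```

The hash comparison only catches a copy of cmd.exe; the owner and permission checks still flag sethc.exe when it has been overwritten with some other file.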





