Sunday 9 October 2011

Hack Windows Administrator passwords Using Stick keys

Ever wanted to hack administrator accounts in college/school Pcs . so that you can download with full speed or just wanted to hack your friend’s PC to make him gawk when you tell your success story of hacking ? well there's a great way of hacking Windows administrator password which works 100 % even today......  interested ? read on ......

Concept :
When we Press shift key 5 times a sticky key dialog box shows up.This works even at the logon screen. But If we replace the sethc file  which is responsible for the sticky key dialog box ,with cmd. (command prompt ), and then  press shift key 5 times at logon screen .we will get a command prompt with administrator privileges because no user has logged on. From there we can hack the administrator password or create a new user with admin privileges

Things we Need :-

1. Bootable  Linux distro .In this tutorial i will be using backtrack  If you don't know
    how create a bootable Linux distro you can refer my previous 
    article How To Make a Bootable Backtrack CD / USB

Procedure to Hack windows Administrator passwords Using Stick keys

1. First plug in your Bootable Linux distro CD or USB then restart your computer and 
go to boot menu by  pressing ( f12 or del key ) now select your booting device as CD/USB accordingly

2. After booting with your Linux distro open a new terminal mount the hard disk and navigate to c:/windows/system32 and copy cmd (command prompt) and rename it as sethc

3. Now copy /past the new sethc to c:/windows/system32,when asks for overwriting the file click yes.

4. Now reboot and remove your usb/cd . Now when your in the logon screen press shift key 5 times Instead of Sticky Key confirmation dialog box ,command prompt with full administrator privileges will open.

5. Now you can change the password of the administrator account or add a new user using the following commands

Example :
"Net user administrator 123 " where 123 is the password  or  you can add a new user 
"Net user  hackaholic /add "  where hackaholic is the name of the user  

6. You can also hide the  newly created account by going  to registry editor by click run and entering regedit  

Now  navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList]Here create a new DWORD value, write its name as the “user name” that you created for your  account  

By  this way we are able to hack windows admin accounts successfully .
If you have any doubts please feel free to post a comment